Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2016 Greenbone AGOPENVAS:1361412562310131182
HistoryJan 14, 2016 - 12:00 a.m.

Mageia: Security Advisory (MGASA-2016-0005)

2016-01-1400:00:00
Copyright (C) 2016 Greenbone AG
plugins.openvas.org
23

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

7 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

44.7%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.131182");
  script_cve_id("CVE-2015-6937", "CVE-2015-7872", "CVE-2015-7884", "CVE-2015-7885", "CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552", "CVE-2015-8660");
  script_tag(name:"creation_date", value:"2016-01-14 05:28:55 +0000 (Thu, 14 Jan 2016)");
  script_version("2024-02-02T05:06:05+0000");
  script_tag(name:"last_modification", value:"2024-02-02 05:06:05 +0000 (Fri, 02 Feb 2024)");
  script_tag(name:"cvss_base", value:"7.2");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2016-04-18 17:31:24 +0000 (Mon, 18 Apr 2016)");

  script_name("Mageia: Security Advisory (MGASA-2016-0005)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2016 Greenbone AG");
  script_family("Mageia Linux Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA5");

  script_xref(name:"Advisory-ID", value:"MGASA-2016-0005");
  script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2016-0005.html");
  script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=17397");
  script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.14");
  script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.15");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'kernel, kernel-userspace-headers, kmod-broadcom-wl, kmod-fglrx, kmod-nvidia304, kmod-nvidia340, kmod-nvidia-current, kmod-xtables-addons' package(s) announced via the MGASA-2016-0005 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"This kernel update is based on upstream 4.1.15 longterm kernel and fixes
the following security issues:

The __rds_conn_create function in net/rds/connection.c in the Linux kernel
through 4.2.3 allows local users to cause a denial of service (NULL pointer
dereference and system crash) or possibly have unspecified other impact by
using a socket that was not properly bound (CVE-2015-6937).

The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel
through 4.2.6 allows local users to cause a denial of service (OOPS) via
crafted keyctl commands (CVE-2015-7872).

The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in
the Linux kernel through 4.3.3 does not initialize a certain structure
member, which allows local users to obtain sensitive information from
kernel memory via a crafted application (CVE-2015-7884).

The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the
Linux kernel through 4.3.3 does not initialize a certain structure member,
which allows local users to obtain sensitive information from kernel memory
via a crafted application (CVE-2015-7885).

Felix Wilhelm discovered a race condition in the Xen paravirtualized
drivers which can cause double fetch vulnerabilities. An attacker in the
paravirtualized guest could exploit this flaw to cause a denial of service
(crash the host) or potentially execute arbitrary code on the host
(CVE-2015-8550 / XSA-155).

Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not
perform sanity checks on the device's state. An attacker could exploit
this flaw to cause a denial of service (NULL dereference) on the host
(CVE-2015-8551 / XSA-157).

Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not
perform sanity checks on the device's state. An attacker could exploit
this flaw to cause a denial of service by flooding the logging system
with WARN() messages causing the initial domain to exhaust disk space
(CVE-2015-8552 / XSA-157).

The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel
through 4.3.3 attempts to merge distinct setattr operations, which allows
local users to bypass intended access restrictions and modify the
attributes of arbitrary overlay files via a crafted application
(CVE-2015-8660).

For other fixes in this update, see the referenced changelogs.");

  script_tag(name:"affected", value:"'kernel, kernel-userspace-headers, kmod-broadcom-wl, kmod-fglrx, kmod-nvidia304, kmod-nvidia340, kmod-nvidia-current, kmod-xtables-addons' package(s) on Mageia 5.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "MAGEIA5") {

  if(!isnull(res = isrpmvuln(pkg:"broadcom-wl-kernel-4.1.15-desktop-1.mga5", rpm:"broadcom-wl-kernel-4.1.15-desktop-1.mga5~6.30.223.271~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"broadcom-wl-kernel-4.1.15-desktop586-1.mga5", rpm:"broadcom-wl-kernel-4.1.15-desktop586-1.mga5~6.30.223.271~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"broadcom-wl-kernel-4.1.15-server-1.mga5", rpm:"broadcom-wl-kernel-4.1.15-server-1.mga5~6.30.223.271~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"broadcom-wl-kernel-desktop-latest", rpm:"broadcom-wl-kernel-desktop-latest~6.30.223.271~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"broadcom-wl-kernel-desktop586-latest", rpm:"broadcom-wl-kernel-desktop586-latest~6.30.223.271~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"broadcom-wl-kernel-server-latest", rpm:"broadcom-wl-kernel-server-latest~6.30.223.271~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"cpupower", rpm:"cpupower~4.1.15~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"cpupower-devel", rpm:"cpupower-devel~4.1.15~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"fglrx-kernel-4.1.15-desktop-1.mga5", rpm:"fglrx-kernel-4.1.15-desktop-1.mga5~15.200.1046~8.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"fglrx-kernel-4.1.15-desktop586-1.mga5", rpm:"fglrx-kernel-4.1.15-desktop586-1.mga5~15.200.1046~8.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"fglrx-kernel-4.1.15-server-1.mga5", rpm:"fglrx-kernel-4.1.15-server-1.mga5~15.200.1046~8.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"fglrx-kernel-desktop-latest", rpm:"fglrx-kernel-desktop-latest~15.200.1046~8.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"fglrx-kernel-desktop586-latest", rpm:"fglrx-kernel-desktop586-latest~15.200.1046~8.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"fglrx-kernel-server-latest", rpm:"fglrx-kernel-server-latest~15.200.1046~8.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel", rpm:"kernel~4.1.15~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-4.1.15-1.mga5", rpm:"kernel-desktop-4.1.15-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-devel-4.1.15-1.mga5", rpm:"kernel-desktop-devel-4.1.15-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-devel-latest", rpm:"kernel-desktop-devel-latest~4.1.15~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-latest", rpm:"kernel-desktop-latest~4.1.15~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-4.1.15-1.mga5", rpm:"kernel-desktop586-4.1.15-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-devel-4.1.15-1.mga5", rpm:"kernel-desktop586-devel-4.1.15-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-devel-latest", rpm:"kernel-desktop586-devel-latest~4.1.15~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-latest", rpm:"kernel-desktop586-latest~4.1.15~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~4.1.15~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-server-4.1.15-1.mga5", rpm:"kernel-server-4.1.15-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-server-devel-4.1.15-1.mga5", rpm:"kernel-server-devel-4.1.15-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-server-devel-latest", rpm:"kernel-server-devel-latest~4.1.15~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-server-latest", rpm:"kernel-server-latest~4.1.15~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-source-4.1.15-1.mga5", rpm:"kernel-source-4.1.15-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-source-latest", rpm:"kernel-source-latest~4.1.15~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-userspace-headers", rpm:"kernel-userspace-headers~4.1.15~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kmod-broadcom-wl", rpm:"kmod-broadcom-wl~6.30.223.271~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kmod-fglrx", rpm:"kmod-fglrx~15.200.1046~8.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kmod-nvidia-current", rpm:"kmod-nvidia-current~346.96~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kmod-nvidia304", rpm:"kmod-nvidia304~304.128~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kmod-nvidia340", rpm:"kmod-nvidia340~340.93~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kmod-xtables-addons", rpm:"kmod-xtables-addons~2.7~7.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia-current-kernel-4.1.15-desktop-1.mga5", rpm:"nvidia-current-kernel-4.1.15-desktop-1.mga5~346.96~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia-current-kernel-4.1.15-desktop586-1.mga5", rpm:"nvidia-current-kernel-4.1.15-desktop586-1.mga5~346.96~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia-current-kernel-4.1.15-server-1.mga5", rpm:"nvidia-current-kernel-4.1.15-server-1.mga5~346.96~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia-current-kernel-desktop-latest", rpm:"nvidia-current-kernel-desktop-latest~346.96~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia-current-kernel-desktop586-latest", rpm:"nvidia-current-kernel-desktop586-latest~346.96~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia-current-kernel-server-latest", rpm:"nvidia-current-kernel-server-latest~346.96~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia304-kernel-4.1.15-desktop-1.mga5", rpm:"nvidia304-kernel-4.1.15-desktop-1.mga5~304.128~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia304-kernel-4.1.15-desktop586-1.mga5", rpm:"nvidia304-kernel-4.1.15-desktop586-1.mga5~304.128~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia304-kernel-4.1.15-server-1.mga5", rpm:"nvidia304-kernel-4.1.15-server-1.mga5~304.128~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia304-kernel-desktop-latest", rpm:"nvidia304-kernel-desktop-latest~304.128~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia304-kernel-desktop586-latest", rpm:"nvidia304-kernel-desktop586-latest~304.128~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia304-kernel-server-latest", rpm:"nvidia304-kernel-server-latest~304.128~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia340-kernel-4.1.15-desktop-1.mga5", rpm:"nvidia340-kernel-4.1.15-desktop-1.mga5~340.93~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia340-kernel-4.1.15-desktop586-1.mga5", rpm:"nvidia340-kernel-4.1.15-desktop586-1.mga5~340.93~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia340-kernel-4.1.15-server-1.mga5", rpm:"nvidia340-kernel-4.1.15-server-1.mga5~340.93~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia340-kernel-desktop-latest", rpm:"nvidia340-kernel-desktop-latest~340.93~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia340-kernel-desktop586-latest", rpm:"nvidia340-kernel-desktop586-latest~340.93~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"nvidia340-kernel-server-latest", rpm:"nvidia340-kernel-server-latest~340.93~4.mga5.nonfree", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"perf", rpm:"perf~4.1.15~1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-4.1.15-desktop-1.mga5", rpm:"xtables-addons-kernel-4.1.15-desktop-1.mga5~2.7~7.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-4.1.15-desktop586-1.mga5", rpm:"xtables-addons-kernel-4.1.15-desktop586-1.mga5~2.7~7.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-4.1.15-server-1.mga5", rpm:"xtables-addons-kernel-4.1.15-server-1.mga5~2.7~7.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-desktop-latest", rpm:"xtables-addons-kernel-desktop-latest~2.7~7.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-desktop586-latest", rpm:"xtables-addons-kernel-desktop586-latest~2.7~7.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-server-latest", rpm:"xtables-addons-kernel-server-latest~2.7~7.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Related

mageia 3
openvas 38
nessus 44
ubuntu 27
f5 5
xen 2
cloudfoundry 2
cve 9
debiancve 9
suse 12
prion 9
ubuntucve 9
debian 4
zdt 4
canvas 1
packetstorm 2
exploitpack 1
osv 2
veracode 3
fedora 3
seebug 1
amazon 1
exploitdb 1
metasploit 1
oraclelinux 1
redhat 4
centos 1
mageia
mageia
Updated kernel packages fix security vulnerabilities
2016-01-11 13:44:41
Updated kernel-linus packages fix security vulnerabilities
2016-01-14 04:44:39
Updated kernel-tmb packages provides 4.1 longterm kernel and fixes security issues
2016-01-14 04:44:39
openvas
openvas
Mageia: Security Advisory (MGASA-2016-0014)
2016-01-14 00:00:00
Ubuntu: Security Advisory (USN-2846-1)
2015-12-20 00:00:00
Ubuntu: Security Advisory (USN-2843-3)
2015-12-18 00:00:00
nessus
nessus
Ubuntu 15.04 : linux vulnerabilities (USN-2850-1)
2015-12-21 00:00:00
Ubuntu 12.04 LTS : linux vulnerabilities (USN-2846-1)
2015-12-21 00:00:00
Ubuntu 15.10 : linux vulnerabilities (USN-2851-1)
2015-12-21 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2015-12-19 00:00:00
Linux kernel (Raspberry Pi 2) vulnerabilities
2015-12-17 00:00:00
Linux kernel (Wily HWE) vulnerabilities
2015-12-20 00:00:00
f5
f5
SOL07560020 - Linux kernel vulnerabilities CVE-2015-7884, CVE-2015-7885, CVE-2015-8543, CVE-2015-8569, and CVE-2015-8660
2016-01-28 00:00:00
K07560020 : Linux kernel vulnerabilities CVE-2015-7884, CVE-2015-7885, CVE-2015-8543, CVE-2015-8569, and CVE-2015-8660
2016-01-29 00:00:00
SOL94105604 - Linux kernel vulnerability CVE-2015-7872
2016-01-13 00:00:00
xen
xen
Linux pciback missing sanity checks leading to crash
2015-12-17 12:00:00
paravirtualized drivers incautious about shared memory contents
2015-12-17 12:00:00
cloudfoundry
cloudfoundry
USN-2842-1/USN-2842-2 Linux kernel vulnerability | Cloud Foundry
2016-01-07 00:00:00
USN-2829-1 Linux kernel vulnerability | Cloud Foundry
2016-01-07 00:00:00
cve
cve
CVE-2015-7884
2015-12-28 11:59:00
CVE-2015-7885
2015-12-28 11:59:00
CVE-2015-8660
2015-12-28 11:59:00
debiancve
debiancve
CVE-2015-7884
2015-12-28 11:59:00
CVE-2015-7885
2015-12-28 11:59:00
CVE-2015-8660
2015-12-28 11:59:00
suse
suse
Security update for the Linux Kernel (important)
2016-01-19 14:12:54
Security update for kernel live patch 4 (important)
2016-02-08 18:13:14
Security update for kernel live patch 2 (important)
2016-02-08 18:18:47
prion
prion
Design/Logic Flaw
2015-12-28 11:59:00
Design/Logic Flaw
2015-12-28 11:59:00
Null pointer dereference
2015-10-19 10:59:00
ubuntucve
ubuntucve
CVE-2015-7884
2015-10-23 00:00:00
CVE-2015-7885
2015-10-23 00:00:00
CVE-2015-8660
2015-12-28 00:00:00
debian
debian
[SECURITY] [DSA 3434-1] linux security update
2016-01-05 19:18:32
[SECURITY] [DSA 3396-1] linux security update
2015-11-10 08:08:51
[SECURITY] [DSA 3396-1] linux security update
2015-11-10 08:08:51
zdt
zdt
Linux Kernel 4.3.3 (Ubuntu 14.04/15.10) - 'overlayfs' Privilege Escalation (1)
2016-01-05 00:00:00
Linux Kernel 4.3.3 - 'overlayfs' Privilege Escalation (2)
2016-01-12 00:00:00
Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation Exploit
2016-11-03 00:00:00
canvas
canvas
Immunity Canvas: OVERLAYFS_SETATTR
2015-12-28 11:59:00
packetstorm
packetstorm
Ubuntu 14.04 LTS / 15.10 overlayfs Local Root
2016-01-06 00:00:00
Overlayfs Privilege Escalation
2016-11-01 00:00:00
exploitpack
exploitpack
Linux Kernel 4.3.3 (Ubuntu 14.0415.10) - overlayfs Local Privilege Escalation (1)
2016-01-05 00:00:00
osv
osv
linux - security update
2015-11-10 00:00:00
linux - security update
2016-01-05 00:00:00
veracode
veracode
Authorization Bypass
2019-01-15 09:12:37
Use-After-Free
2019-05-02 06:01:56
Denial Of Service (DoS)
2019-05-02 05:24:43
fedora
fedora
[SECURITY] Fedora 22 Update: kernel-4.1.8-200.fc22
2015-10-03 21:26:13
[SECURITY] Fedora 23 Update: kernel-4.2.1-300.fc23
2015-09-24 05:23:44
[SECURITY] Fedora 21 Update: kernel-4.1.8-100.fc21
2015-10-03 21:55:06
seebug
seebug
Ubuntu 14.04 LTS, 15.10 overlayfs - Local Root Exploit
2016-01-18 00:00:00
amazon
amazon
Medium: kernel
2015-11-23 13:41:00
exploitdb
exploitdb
Linux Kernel 4.3.3 (Ubuntu 14.04/15.10) - 'overlayfs' Local Privilege Escalation (1)
2016-01-05 00:00:00
metasploit
metasploit
Overlayfs Privilege Escalation
2016-10-05 03:21:53
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2016-08-04 00:00:00
redhat
redhat
(RHSA-2016:0224) Important: kernel-rt security, bug fix, and enhancement update
2016-02-16 00:00:00
(RHSA-2016:1532) Important: kernel-rt security and bug fix update
2016-08-02 13:34:07
(RHSA-2016:1541) Important: kernel-rt security and bug fix update
2016-08-02 13:46:48
centos
centos
kernel, perf, python security update
2016-02-17 03:38:06

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

7 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

44.7%

JSON
Related for OPENVAS:1361412562310131182
mageia3openvas38nessus44ubuntu27f55xen2cloudfoundry2cve9debiancve9suse12prion9ubuntucve9debian4zdt4canvas1packetstorm2exploitpack1osv2veracode3fedora3seebug1amazon1exploitdb1metasploit1oraclelinux1redhat4centos1