6.9 Medium
AI Score
Confidence
Low
8.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:P/I:N/A:C
0.022 Low
EPSS
Percentile
89.2%
The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via a crafted packet.
CPE | Name | Operator | Version |
---|---|---|---|
ubuntu_linux | eq | 15.10 | |
ubuntu_linux | eq | 14.04 | |
ubuntu_linux | eq | 12.04 | |
linux_kernel | ge | 3.4 | |
linux_kernel | lt | 4.3 |
openwall.com/lists/oss-security/2015/06/05/7
www.securityfocus.com/bid/74669
www.ubuntu.com/usn/USN-2989-1
www.ubuntu.com/usn/USN-2998-1
www.ubuntu.com/usn/USN-3000-1
www.ubuntu.com/usn/USN-3001-1
www.ubuntu.com/usn/USN-3002-1
www.ubuntu.com/usn/USN-3003-1
www.ubuntu.com/usn/USN-3004-1
lkml.org/lkml/2015/5/13/739