Lucene search

PRIOn knowledge basePRION:CVE-2015-4004

HistoryJun 07, 2015 - 11:59 p.m.

Out-of-bounds

2015-06-0723:59:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:N/A:C

0.022 Low

EPSS

Percentile

89.2%

JSON

The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via a crafted packet.

CPENameOperatorVersion
ubuntu_linuxeq15.10
ubuntu_linuxeq14.04
ubuntu_linuxeq12.04
linux_kernelge3.4
linux_kernellt4.3

Name	Operator	Version
ubuntu_linux	eq	15.10
ubuntu_linux	eq	14.04
ubuntu_linux	eq	12.04
linux_kernel	ge	3.4
linux_kernel	lt	4.3

References

openwall.com/lists/oss-security/2015/06/05/7

www.securityfocus.com/bid/74669

www.ubuntu.com/usn/USN-2989-1

www.ubuntu.com/usn/USN-2998-1

www.ubuntu.com/usn/USN-3000-1

www.ubuntu.com/usn/USN-3001-1

www.ubuntu.com/usn/USN-3002-1

www.ubuntu.com/usn/USN-3003-1

www.ubuntu.com/usn/USN-3004-1

lkml.org/lkml/2015/5/13/739

6.9 Medium

AI Score

Confidence

Low

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:N/A:C

0.022 Low

EPSS

Percentile

89.2%

JSON

Related for PRION:CVE-2015-4004