Lucene search

K

PRIOn knowledge basePRION:CVE-2015-5706

HistoryAug 31, 2015 - 10:59 a.m.

Design/Logic Flaw

2015-08-3110:59:00

PRIOn knowledge base

www.prio-n.com

3

7.3 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation.

CPENameOperatorVersion
ubuntu_linuxeq12.04
ubuntu_linuxeq14.04
debian_linuxeq8.0
debian_linuxeq7.0
linux_kernelge3.0
linux_kernelle3.19.8
linux_kernelge4.0
linux_kernellt4.0.4

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0

www.debian.org/security/2015/dsa-3329

www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.4

www.openwall.com/lists/oss-security/2015/08/01/5

www.securityfocus.com/bid/76142

www.ubuntu.com/usn/USN-2680-1

www.ubuntu.com/usn/USN-2681-1

bugzilla.redhat.com/show_bug.cgi?id=1250047

github.com/torvalds/linux/commit/f15133df088ecadd141ea1907f2c96df67c729f0

source.android.com/security/bulletin/2017-01-01.html

twitter.com/grsecurity/statuses/597127122910490624

7.3 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

Related for PRION:CVE-2015-5706

debiancve1 cve1 android1 ubuntucve1 ubuntu5 openvas10 nessus4 debian2 mageia3 osv1 ibm1 securityvulns1 androidsecurity1 lenovo1