Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-2797-1
HistoryNov 05, 2015 - 12:00 a.m.

Linux kernel (Utopic HWE) vulnerabilities

2015-11-0500:00:00
ubuntu.com
40

6.9 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.028 Low

EPSS

Percentile

90.4%

JSON

Releases

  • Ubuntu 14.04 ESM

Packages

  • linux-lts-utopic - Linux hardware enablement kernel from Utopic

Details

It was discovered that the Linux kernel did not check if a new IPv6 MTU set
by a user space application was valid. A remote attacker could forge a
route advertisement with an invalid MTU that a user space daemon like
NetworkManager would honor and apply to the kernel, causing a denial of
service. (CVE-2015-0272)

It was discovered that in certain situations, a directory could be renamed
outside of a bind mounted location. An attacker could use this to escape
bind mount containment and gain access to sensitive information.
(CVE-2015-2925)

Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained
hardcoded attributes about the USB devices. An attacker could construct a
fake WhiteHEAT USB device that, when inserted, causes a denial of service
(system crash). (CVE-2015-5257)

It was discovered that the SCTP protocol implementation in the Linux kernel
performed an incorrect sequence of protocol-initialization steps. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2015-5283)

OSVersionArchitecturePackageVersionFilename
Ubuntu14.04noarchlinux-image-3.16.0-52-generic< 3.16.0-52.71~14.04.1UNKNOWN
Ubuntu14.04noarchblock-modules-3.16.0-52-generic-di< 3.16.0-52.71~14.04.1UNKNOWN
Ubuntu14.04noarchcrypto-modules-3.16.0-52-generic-di< 3.16.0-52.71~14.04.1UNKNOWN
Ubuntu14.04noarchfat-modules-3.16.0-52-generic-di< 3.16.0-52.71~14.04.1UNKNOWN
Ubuntu14.04noarchfb-modules-3.16.0-52-generic-di< 3.16.0-52.71~14.04.1UNKNOWN
Ubuntu14.04noarchfirewire-core-modules-3.16.0-52-generic-di< 3.16.0-52.71~14.04.1UNKNOWN
Ubuntu14.04noarchfloppy-modules-3.16.0-52-generic-di< 3.16.0-52.71~14.04.1UNKNOWN
Ubuntu14.04noarchfs-core-modules-3.16.0-52-generic-di< 3.16.0-52.71~14.04.1UNKNOWN
Ubuntu14.04noarchfs-secondary-modules-3.16.0-52-generic-di< 3.16.0-52.71~14.04.1UNKNOWN
Ubuntu14.04noarchinput-modules-3.16.0-52-generic-di< 3.16.0-52.71~14.04.1UNKNOWN
Rows per page:
1-10 of 571

Related

openvas 38
nessus 60
debian 6
osv 4
ubuntu 14
cloudfoundry 3
fedora 4
suse 19
f5 4
ubuntucve 5
debiancve 5
prion 5
cve 6
mageia 5
securityvulns 2
oraclelinux 6
centos 3
ibm 2
redhat 6
veracode 1
amazon 1
openvas
openvas
Ubuntu Update for linux-lts-utopic USN-2797-1
2015-11-06 00:00:00
Debian Security Advisory DSA 3372-1 (linux - security update)
2015-10-13 00:00:00
Debian Security Advisory DSA 3372-1 (linux - security update)
2015-10-13 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2797-1)
2015-11-06 00:00:00
Debian DSA-3372-1 : linux - security update
2015-10-14 00:00:00
Ubuntu 12.04 LTS : linux vulnerabilities (USN-2792-1)
2015-11-06 00:00:00
debian
debian
[SECURITY] [DSA 3372-1] linux security update
2015-10-13 09:55:29
[SECURITY] [DSA 3372-1] linux security update
2015-10-13 09:55:29
[SECURITY] [DLA 325-1] linux-2.6 security update
2015-10-12 17:20:28
osv
osv
linux - security update
2015-10-13 00:00:00
linux-2.6 - security update
2015-10-12 00:00:00
linux - security update
2015-09-21 00:00:00
ubuntu
ubuntu
Linux kernel (OMAP4) vulnerabilities
2015-11-05 00:00:00
Linux kernel vulnerabilities
2015-11-05 00:00:00
Linux kernel (Trusty HWE) vulnerabilities
2015-11-05 00:00:00
cloudfoundry
cloudfoundry
USN-2798-1 Linux kernel vulnerability | Cloud Foundry
2015-11-12 00:00:00
USN-2829-1 Linux kernel vulnerability | Cloud Foundry
2016-01-07 00:00:00
USN-2778-1 Linux kernel vulnerabilities | Cloud Foundry
2015-11-03 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: kernel-4.1.10-200.fc22
2015-10-09 10:30:07
[SECURITY] Fedora 21 Update: kernel-4.1.10-100.fc21
2015-11-01 22:25:14
[SECURITY] Fedora 23 Update: kernel-4.2.2-300.fc23
2015-10-03 18:04:46
suse
suse
Security update for the Linux Kernel (important)
2015-10-29 17:52:39
Security update for the Linux Kernel (important)
2015-12-04 14:10:52
Security update for the Linux Kernel (important)
2015-12-17 16:11:14
f5
f5
SOL37510383 - Linux kernel SCTP vulnerability CVE-2015-5283
2016-01-28 00:00:00
K37510383 : Linux kernel SCTP vulnerability CVE-2015-5283
2016-01-28 00:00:00
K31026324 : Linux kernel vulnerabilities CVE-2015-2925, CVE-2015-5307, and CVE-2015-8104
2016-01-13 00:00:00
ubuntucve
ubuntucve
CVE-2015-5283
2015-10-19 00:00:00
CVE-2015-2925
2015-04-06 00:00:00
CVE-2015-8215
2015-11-16 00:00:00
debiancve
debiancve
CVE-2015-5283
2015-10-19 10:59:00
CVE-2015-2925
2015-11-16 11:59:00
CVE-2015-0272
2015-11-17 15:59:00
prion
prion
Memory corruption
2015-10-19 10:59:00
Design/Logic Flaw
2015-11-16 11:59:00
Design/Logic Flaw
2015-11-16 21:59:00
cve
cve
CVE-2015-5283
2015-10-19 10:59:00
CVE-2015-2925
2015-11-16 11:59:00
CVE-2015-5275
2015-11-23 11:59:00
mageia
mageia
Updated kernel packages fixes security vulnerability
2015-11-07 23:11:27
Updated kernel-linus packages fixes security vulnerability
2015-11-10 21:41:41
Updated kernel-linus packages fix security vulnerabilities
2016-06-22 22:08:04
securityvulns
securityvulns
[SECURITY] [DSA 3364-1] linux security update
2015-10-05 00:00:00
Linux kernel multiple security vulnerabilities
2015-09-21 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2015-11-27 00:00:00
NetworkManager security, bug fix, and enhancement update
2015-11-24 00:00:00
Unbreakable Enterprise kernel security update
2016-01-08 00:00:00
centos
centos
ModemManager, NetworkManager, libnm, network, nm security update
2015-11-30 19:44:35
kernel, perf, python security update
2015-12-16 00:07:51
kernel, perf, python security update
2015-11-30 19:36:22
ibm
ibm
Security Bulletin: Vulnerabilities in NetworkManager affect PowerKVM (CVE-2015-0272,CVE-2015-2924)
2018-06-18 01:30:52
Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM
2018-06-18 01:33:24
redhat
redhat
(RHSA-2015:2315) Moderate: NetworkManager security, bug fix, and enhancement update
2015-11-19 13:34:47
(RHSA-2015:2587) Important: kernel security, bug fix, and enhancement update
2015-12-09 08:43:06
(RHSA-2015:2411) Important: kernel-rt security, bug fix, and enhancement update
2015-11-19 13:46:10
veracode
veracode
Improper Access Control
2019-05-02 05:20:50
amazon
amazon
Medium: kernel
2015-10-27 13:40:00

6.9 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.028 Low

EPSS

Percentile

90.4%

JSON
Related for USN-2797-1
openvas38nessus60debian6osv4ubuntu14cloudfoundry3fedora4suse19f54ubuntucve5debiancve5prion5cve6mageia5securityvulns2oraclelinux6centos3ibm2redhat6veracode1amazon1