Lucene search

K
ubuntuUbuntuUSN-2843-1
HistoryDec 17, 2015 - 12:00 a.m.

Linux kernel vulnerabilities

2015-12-1700:00:00
ubuntu.com
58

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

2.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

5.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

42.0%

Releases

  • Ubuntu 15.10

Packages

  • linux - Linux kernel

Details

Jan Beulich discovered that the KVM svm hypervisor implementation in the
Linux kernel did not properly catch Debug exceptions on AMD processors. An
attacker in a guest virtual machine could use this to cause a denial of
service (system crash) in the host OS. (CVE-2015-8104)

郭永刚 discovered that the ppp implementation in the Linux kernel did
not ensure that certain slot numbers are valid. A local attacker with the
privilege to call ioctl() on /dev/ppp could cause a denial of service
(system crash). (CVE-2015-7799)

Dmitry Vyukov discovered that the Linux kernel’s keyring handler attempted
to garbage collect incompletely instantiated keys. A local unprivileged
attacker could use this to cause a denial of service (system crash).
(CVE-2015-7872)

It was discovered that the virtual video osd test driver in the Linux
kernel did not properly initialize data structures. A local attacker could
use this to obtain sensitive information from the kernel. (CVE-2015-7884)

It was discovered that the driver for Digi Neo and ClassicBoard devices did
not properly initialize data structures. A local attacker could use this to
obtain sensitive information from the kernel. (CVE-2015-7885)

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

2.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

5.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

42.0%