UbuntuUSN-2843-3Linux kernel (Raspberry Pi 2) vulnerabilities
2.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
5.4 Medium
AI Score
Confidence
Low
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0005 Low
EPSS
Percentile
15.6%
Releases
- Ubuntu 15.10
Packages
- linux-raspi2 - Linux kernel for Raspberry Pi 2
Details
郭永刚 discovered that the ppp implementation in the Linux kernel did
not ensure that certain slot numbers are valid. A local attacker with the
privilege to call ioctl() on /dev/ppp could cause a denial of service
(system crash). (CVE-2015-7799)
Dmitry Vyukov discovered that the Linux kernel’s keyring handler attempted
to garbage collect incompletely instantiated keys. A local unprivileged
attacker could use this to cause a denial of service (system crash).
(CVE-2015-7872)
It was discovered that the virtual video osd test driver in the Linux
kernel did not properly initialize data structures. A local attacker could
use this to obtain sensitive information from the kernel. (CVE-2015-7884)
It was discovered that the driver for Digi Neo and ClassicBoard devices did
not properly initialize data structures. A local attacker could use this to
obtain sensitive information from the kernel. (CVE-2015-7885)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 15.10 | noarch | linux-image-4.2.0-1016-raspi2 | < 4.2.0-1016.23 | UNKNOWN |
| Ubuntu | 15.10 | noarch | linux-headers-4.2.0-1016-raspi2 | < 4.2.0-1016.23 | UNKNOWN |
| Ubuntu | 15.10 | noarch | linux-image-4.2.0-1016-raspi2-dbgsym | < 4.2.0-1016.23 | UNKNOWN |
| Ubuntu | 15.10 | noarch | linux-raspi2-headers-4.2.0-1016 | < 4.2.0-1016.23 | UNKNOWN |
| Ubuntu | 15.10 | noarch | linux-raspi2-tools-4.2.0-1016 | < 4.2.0-1016.23 | UNKNOWN |
| Ubuntu | 15.10 | noarch | linux-raspi2-tools-4.2.0-1016-dbgsym | < 4.2.0-1016.23 | UNKNOWN |
| Ubuntu | 15.10 | noarch | linux-tools-4.2.0-1016-raspi2 | < 4.2.0-1016.23 | UNKNOWN |
Related
2.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
5.4 Medium
AI Score
Confidence
Low
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0005 Low
EPSS
Percentile
15.6%