Lucene search

K
ubuntucveUbuntu.comUB:CVE-2015-2041
HistoryFeb 23, 2015 - 12:00 a.m.

CVE-2015-2041

2015-02-2300:00:00
ubuntu.com
ubuntu.com
15

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

EPSS

0

Percentile

10.1%

net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect
data type in a sysctl table, which allows local users to obtain potentially
sensitive information from kernel memory or possibly have unspecified other
impact by accessing a sysctl entry.

Bugs

Notes

Author Note
jdstrand android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support
sbeattie introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=590232a7150674b2036291eaefce085f3f9659c8
OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchlinux< 3.2.0-80.116UNKNOWN
ubuntu14.04noarchlinux< 3.13.0-49.81UNKNOWN
ubuntu14.10noarchlinux< 3.16.0-34.45UNKNOWN
ubuntu12.04noarchlinux-armadaxp< 3.2.0-1648.67UNKNOWN
ubuntu12.04noarchlinux-lts-trusty< 3.13.0-49.81~precise1UNKNOWN
ubuntu14.04noarchlinux-lts-utopic< 3.16.0-34.45~14.04.1UNKNOWN
ubuntu12.04noarchlinux-ti-omap4< 3.2.0-1462.82UNKNOWN

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

EPSS

0

Percentile

10.1%