Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2015-5707
HistoryAug 03, 2015 - 12:00 a.m.

CVE-2015-5707

2015-08-0300:00:00
ubuntu.com
ubuntu.com
7

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.3%

JSON

Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the
Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a
denial of service or possibly have unspecified other impact via a large
iov_count value in a write request.

Bugs

Notes

Author Note
jdstrand android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support
sbeattie Probably introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=10db10d144c0248f285242f79daf6b9de6b00a62 (v2.6.28-rc1) Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=451a2886b6bf90e2fb378f7c46c655450fb96e81 (v4.1-rc1) and Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdc81f45e9f57858da6351836507fbcf1b7583ee (v4.1-rc1) see note about backporting in oss-security message.
kamal As per BenH’s notes, the fdc81f45 fix requires import_iovec() from bc917be8 (v4.1-rc1), so set the β€˜break’ SHA for that to bc917be8.
OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchlinux<Β 3.2.0-91.129UNKNOWN
ubuntu14.04noarchlinux<Β 3.13.0-63.103UNKNOWN
ubuntu15.04noarchlinux<Β 3.19.0-28.30UNKNOWN
ubuntu12.04noarchlinux-armadaxp<Β 3.2.0-1656.78UNKNOWN
ubuntu12.04noarchlinux-lts-trusty<Β 3.13.0-63.104~precise1UNKNOWN
ubuntu14.04noarchlinux-lts-utopic<Β 3.16.0-50.66~14.04.1UNKNOWN
ubuntu14.04noarchlinux-lts-vivid<Β 3.19.0-28.30~14.04.1UNKNOWN
ubuntu12.04noarchlinux-ti-omap4<Β 3.2.0-1471.92UNKNOWN

Related

nessus 22
prion 1
openvas 16
ubuntu 7
f5 2
debiancve 1
cve 1
suse 14
debian 3
osv 2
mageia 3
oraclelinux 3
securityvulns 1
androidsecurity 1
nessus
nessus
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerability (USN-2737-1)
2015-09-09 00:00:00
Ubuntu 15.04 : linux vulnerability (USN-2738-1)
2015-09-09 00:00:00
Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerability (USN-2750-1)
2015-09-30 00:00:00
prion
prion
Integer overflow
2015-10-19 10:59:00
openvas
openvas
Ubuntu Update for linux USN-2734-1
2015-09-04 00:00:00
Ubuntu Update for linux-lts-trusty USN-2733-1
2015-09-04 00:00:00
Ubuntu Update for linux-lts-vivid USN-2737-1
2015-09-10 00:00:00
ubuntu
ubuntu
Linux kernel vulnerability
2015-09-09 00:00:00
Linux kernel (Utopic HWE) vulnerability
2015-09-29 00:00:00
Linux kernel vulnerability
2015-09-03 00:00:00
f5
f5
K17475 : Linux kernel vulnerability CVE-2015-5707
2015-10-26 00:00:00
SOL17475 - Linux kernel vulnerability CVE-2015-5707
2015-10-26 00:00:00
debiancve
debiancve
CVE-2015-5707
2015-10-19 10:59:00
cve
cve
CVE-2015-5707
2015-10-19 10:59:00
suse
suse
Security update for Linux Kernel Live Patch 3 (important)
2015-11-24 19:15:29
Security update for Linux Kernel Live Patch 7 (important)
2015-11-24 19:12:18
Security update for Linux Kernel Live Patch 5 (important)
2015-11-24 19:10:26
debian
debian
[SECURITY] [DLA 310-1] linux-2.6 security update
2015-09-21 21:07:12
[SECURITY] [DSA 3329-1] linux security update
2015-08-07 07:18:37
[SECURITY] [DSA 3329-1] linux security update
2015-08-07 07:18:37
osv
osv
linux-2.6 - security update
2015-09-21 00:00:00
linux - security update
2015-08-07 00:00:00
mageia
mageia
Updated kernel-linus package provides 4.1 longterm and fixes security issues
2015-10-09 21:47:39
Updated kernel packages provides 4.1 longterm and fixes security issues
2015-10-01 00:35:18
Updated kernel-tmb packages provides 4.1 longterm kernel and fixes security issues
2016-01-14 04:44:39
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2017-03-31 00:00:00
Unbreakable Enterprise kernel security update
2017-03-31 00:00:00
Unbreakable Enterprise kernel security update
2017-05-16 00:00:00
securityvulns
securityvulns
Linux kernel multiple security vulnerabilities
2015-09-21 00:00:00
androidsecurity
androidsecurity
Android Security Bulletinβ€”July 2017
2017-07-05 00:00:00

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.3%

JSON
Related for UB:CVE-2015-5707
nessus22prion1openvas16ubuntu7f52debiancve1cve1suse14debian3osv2mageia3oraclelinux3securityvulns1androidsecurity1