CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
5.2%
Multiple race conditions in the Advanced Union Filesystem (aufs)
aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and
4.x allow local users to cause a denial of service (use-after-free and BUG)
or possibly gain privileges via a (1) madvise or (2) msync system call,
related to mm/madvise.c and mm/msync.c.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 14.04 | noarch | linux | < 3.13.0-66.108 | UNKNOWN |
ubuntu | 15.04 | noarch | linux | < 3.19.0-31.36 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-trusty | < 3.13.0-66.108~precise1 | UNKNOWN |
ubuntu | 14.04 | noarch | linux-lts-utopic | < 3.16.0-51.69~14.04.1 | UNKNOWN |
ubuntu | 14.04 | noarch | linux-lts-vivid | < 3.19.0-31.36~14.04.1 | UNKNOWN |
sourceforge.net/p/aufs/mailman/message/34449209/
www.openwall.com/lists/oss-security/2015/09/10/3
launchpad.net/bugs/cve/CVE-2015-7312
nvd.nist.gov/vuln/detail/CVE-2015-7312
security-tracker.debian.org/tracker/CVE-2015-7312
ubuntu.com/security/notices/USN-2775-1
ubuntu.com/security/notices/USN-2776-1
ubuntu.com/security/notices/USN-2777-1
ubuntu.com/security/notices/USN-2778-1
ubuntu.com/security/notices/USN-2779-1
www.cve.org/CVERecord?id=CVE-2015-7312