CVE-2015-7312

2015-09-2300:00:00

ubuntu.com

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

EPSS

Percentile

5.2%

JSON

Multiple race conditions in the Advanced Union Filesystem (aufs)
aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and
4.x allow local users to cause a denial of service (use-after-free and BUG)
or possibly gain privileges via a (1) madvise or (2) msync system call,
related to mm/madvise.c and mm/msync.c.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchlinux< 3.13.0-66.108UNKNOWN
ubuntu15.04noarchlinux< 3.19.0-31.36UNKNOWN
ubuntu12.04noarchlinux-lts-trusty< 3.13.0-66.108~precise1UNKNOWN
ubuntu14.04noarchlinux-lts-utopic< 3.16.0-51.69~14.04.1UNKNOWN
ubuntu14.04noarchlinux-lts-vivid< 3.19.0-31.36~14.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	14.04	noarch	linux	< 3.13.0-66.108	UNKNOWN
ubuntu	15.04	noarch	linux	< 3.19.0-31.36	UNKNOWN
ubuntu	12.04	noarch	linux-lts-trusty	< 3.13.0-66.108~precise1	UNKNOWN
ubuntu	14.04	noarch	linux-lts-utopic	< 3.16.0-51.69~14.04.1	UNKNOWN
ubuntu	14.04	noarch	linux-lts-vivid	< 3.19.0-31.36~14.04.1	UNKNOWN