1.9

CVE-2015-2830

arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrated by an attack against seccomp before 3.16.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DebianDebian Linux Version7.0
DebianDebian Linux Version8.0
LinuxLinux Kernel Version <= 3.19.1
CanonicalUbuntu Linux Version12.04 SwEditionlts
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.41% 0.329
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 1.9 3.4 2.9
AV:L/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
http://rhn.redhat.com/errata/RHSA-2015-1137.html
http://rhn.redhat.com/errata/RHSA-2015-1138.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
http://www.debian.org/security/2015/dsa-3237
http://www.ubuntu.com/usn/USN-2631-1
http://www.ubuntu.com/usn/USN-2632-1
http://rhn.redhat.com/errata/RHSA-2015-1221.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=956421fbb74c3a6261903f3836c0740187cf038b
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.2
Vendor Advisory
http://www.openwall.com/lists/oss-security/2015/04/02/1
http://www.securitytracker.com/id/1032413
https://bugzilla.redhat.com/show_bug.cgi?id=1208598
https://github.com/torvalds/linux/commit/956421fbb74c3a6261903f3836c0740187cf038b