6.5

CVE-2015-5327

Out-of-bounds memory read in the x509_decode_time function in x509_cert_parser.c in Linux kernels 4.3-rc1 and after.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version4.3
LinuxLinux Kernel Version4.3 Updaterc1
LinuxLinux Kernel Version4.3 Updaterc2
LinuxLinux Kernel Version4.3 Updaterc3
LinuxLinux Kernel Version4.3 Updaterc4
LinuxLinux Kernel Version4.3 Updaterc5
LinuxLinux Kernel Version4.3 Updaterc6
LinuxLinux Kernel Version4.3 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.63% 0.731
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:P/I:N/A:N
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

http://www.openwall.com/lists/oss-security/2015/11/27/1
Third Party Advisory
Mailing List
https://bugzilla.redhat.com/show_bug.cgi?id=1278978
Third Party Advisory
Issue Tracking
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc25b994acfbc901429da682d0f73c190e960206
Patch