7

CVE-2015-8543

EPSS 1.92%
Published 28.12.2015 11:59:06
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.

Affected products Warnungen 0 Metrics 3 CWE 0 References 23

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 3.2.75

Linux ≫ Linux Kernel Version >= 3.3 < 3.4.111

Linux ≫ Linux Kernel Version >= 3.5 < 3.10.95

Linux ≫ Linux Kernel Version >= 3.11 < 3.12.52

Linux ≫ Linux Kernel Version >= 3.13 < 3.14.59

Linux ≫ Linux Kernel Version >= 3.15 < 3.16.35

Linux ≫ Linux Kernel Version >= 3.17 < 3.18.26

Linux ≫ Linux Kernel Version >= 3.19 < 4.1.16

Linux ≫ Linux Kernel Version >= 4.2 < 4.3.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.92%	0.826

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7	1	5.9	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

Third Party Advisory

Mailing List

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-0855.html

Third Party Advisory

http://www.debian.org/security/2015/dsa-3426

Third Party Advisory

http://www.ubuntu.com/usn/USN-2886-1

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html

Third Party Advisory

Mailing List

http://www.ubuntu.com/usn/USN-2888-1

Third Party Advisory

http://www.ubuntu.com/usn/USN-2890-1

Third Party Advisory

http://www.ubuntu.com/usn/USN-2890-2

Third Party Advisory

http://www.ubuntu.com/usn/USN-2890-3

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2574.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2584.html

Third Party Advisory

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9

Vendor Advisory

http://www.debian.org/security/2016/dsa-3434

Third Party Advisory

http://www.openwall.com/lists/oss-security/2015/12/09/5

Third Party Advisory

Mailing List

http://www.securityfocus.com/bid/79698

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1034892

Third Party Advisory

VDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1290475

Third Party Advisory

Issue Tracking

https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-8543

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-8543

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-8543

EUVD