7

CVE-2015-8543

EPSS 1.92%
Veröffentlicht 28.12.2015 11:59:06
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 23

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 3.2.75

Linux ≫ Linux Kernel Version >= 3.3 < 3.4.111

Linux ≫ Linux Kernel Version >= 3.5 < 3.10.95

Linux ≫ Linux Kernel Version >= 3.11 < 3.12.52

Linux ≫ Linux Kernel Version >= 3.13 < 3.14.59

Linux ≫ Linux Kernel Version >= 3.15 < 3.16.35

Linux ≫ Linux Kernel Version >= 3.17 < 3.18.26

Linux ≫ Linux Kernel Version >= 3.19 < 4.1.16

Linux ≫ Linux Kernel Version >= 4.2 < 4.3.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.92%	0.826

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7	1	5.9	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

Third Party Advisory

Mailing List

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-0855.html

Third Party Advisory

http://www.debian.org/security/2015/dsa-3426

Third Party Advisory

http://www.ubuntu.com/usn/USN-2886-1

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html

Third Party Advisory

Mailing List

http://www.ubuntu.com/usn/USN-2888-1

Third Party Advisory

http://www.ubuntu.com/usn/USN-2890-1

Third Party Advisory

http://www.ubuntu.com/usn/USN-2890-2

Third Party Advisory

http://www.ubuntu.com/usn/USN-2890-3

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2574.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2584.html

Third Party Advisory

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9

Vendor Advisory

http://www.debian.org/security/2016/dsa-3434

Third Party Advisory

http://www.openwall.com/lists/oss-security/2015/12/09/5

Third Party Advisory

Mailing List

http://www.securityfocus.com/bid/79698

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1034892

Third Party Advisory

VDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1290475

Third Party Advisory

Issue Tracking

https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-8543

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-8543

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-8543

EUVD