Published: 27/05/2015 Updated: 07/11/2023

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

VMScore: 169

Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N

arch/x86/kernel/entry_64.S in the Linux kernel prior to 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrated by an attack against seccomp prior to 3.16.

Vulnerable Product	Search on Vulmon	Subscribe to Product
debian debian linux 8.0
debian debian linux 7.0
linux linux kernel
canonical ubuntu linux 12.04

Debian Bug report logs - #782561 Buffer overruns in Linux kernel RFC4106 implementation using AESNI (CVE-2015-3331) Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Reported by: Romain Francoise <rfrancoise@debianorg> Date: Tue, 14 Apr 2015 08:57:02 UTC Severity: n ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2014-8159 It was found that the Linux kernel's InfiniBand/RDMA subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API ...

Several security issues were fixed in the kernel ...

A flaw was found in the way the Linux kernel's 32-bit emulation implementation handled forking or closing of a task with an 'int80' entry A local user could potentially use this flaw to escalate their privileges on the system ...

CWE-264 https://github.com/torvalds/linux/commit/956421fbb74c3a6261903f3836c0740187cf038b https://bugzilla.redhat.com/show_bug.cgi?id=1208598 http://www.openwall.com/lists/oss-security/2015/04/02/1 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.2 http://www.debian.org/security/2015/dsa-3237 http://www.ubuntu.com/usn/USN-2631-1 http://www.ubuntu.com/usn/USN-2632-1 http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html http://www.securitytracker.com/id/1032413 http://rhn.redhat.com/errata/RHSA-2015-1221.html http://rhn.redhat.com/errata/RHSA-2015-1138.html http://rhn.redhat.com/errata/RHSA-2015-1137.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=956421fbb74c3a6261903f3836c0740187cf038b https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782561 https://www.debian.org/security/./dsa-3237 https://nvd.nist.gov https://usn.ubuntu.com/2614-1/https://access.redhat.com/security/cve/cve-2015-2830

CVE-2015-2830

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect