Published: 07/06/2015 Updated: 12/12/2022

CVSS v2 Base Score: 8.5 | Impact Score: 7.8 | Exploitability Score: 10

VMScore: 756

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:C

The OZWPAN driver in the Linux kernel up to and including 4.0.5 relies on an untrusted length field during packet parsing, which allows remote malicious users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via a crafted packet.

Vulnerable Product	Search on Vulmon	Subscribe to Product
canonical ubuntu linux 15.10
canonical ubuntu linux 14.04
canonical ubuntu linux 12.04
linux linux kernel

Several security issues were fixed in the kernel ...

CWE-119 http://openwall.com/lists/oss-security/2015/06/05/7 https://lkml.org/lkml/2015/5/13/739 http://www.ubuntu.com/usn/USN-3000-1 http://www.ubuntu.com/usn/USN-2998-1 http://www.ubuntu.com/usn/USN-3002-1 http://www.ubuntu.com/usn/USN-3003-1 http://www.ubuntu.com/usn/USN-3001-1 http://www.ubuntu.com/usn/USN-3004-1 http://www.ubuntu.com/usn/USN-2989-1 http://www.securityfocus.com/bid/74669 https://nvd.nist.gov https://usn.ubuntu.com/3003-1/

CVE-2015-4004

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect