Published: 08/02/2016 Updated: 07/11/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 4 | Impact Score: 1.4 | Exploitability Score: 2.5

VMScore: 188

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel prior to 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Debian Bug report logs - #808293 Regression in short UDP reads caused by "net: Fix skb csum races when peeking" Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Affects: freeradius Reported by: Francesco Politi <fpoliti@micsoit> Date: Fri, 18 Dec 2015 12:09:01 UTC ...

An out-of-bounds flaw was found in the kernel, where the sco_sock_bind() function (bluetooth/sco) did not check the length of its sockaddr parameter As a result, more kernel memory was copied out than required, leaking information from the kernel stack (including kernel addresses) A local user could exploit this flaw to bypass kernel ASLR or leak ...

Several security issues were fixed in the kernel ...

USN-2910-1 introduced a regression in the Ubuntu 1504 Linux kernel backported to Ubuntu 1404 LTS ...

Several security issues were fixed in the kernel ...

CWE-200 https://bugzilla.redhat.com/show_bug.cgi?id=1292840 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4 http://www.openwall.com/lists/oss-security/2015/12/16/3 http://www.ubuntu.com/usn/USN-2886-1 http://www.ubuntu.com/usn/USN-2890-3 https://github.com/torvalds/linux/commit/5233252fce714053f0151680933571a2da9cbfb4 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4 http://www.securityfocus.com/bid/79724 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html http://www.ubuntu.com/usn/USN-2890-2 http://www.ubuntu.com/usn/USN-2890-1 http://www.debian.org/security/2016/dsa-3434 http://www.ubuntu.com/usn/USN-2888-1 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808293 https://usn.ubuntu.com/2886-1/https://access.redhat.com/security/cve/cve-2015-8575

CVE-2015-8575

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect