Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

0

CVE-2015-1805

Disclosure Date: August 08, 2015 •

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an “I/O vector array overrun.”

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

Products

References

Canonical

CVE-2015-1805 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805)

BID-74951 (http://www.securityfocus.com/bid/74951)

Advisory

http://rhn.redhat.com/errata/RHSA-2015-1211.html

DSA-3290 (http://www.debian.org/security/2015/dsa-3290)

SECTRACK-1032454 (http://www.securitytracker.com/id/1032454)

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html

http://rhn.redhat.com/errata/RHSA-2015-1120.html

USN-2967-1 (http://www.ubuntu.com/usn/USN-2967-1)

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html

http://source.android.com/security/bulletin/2016-05-01.html

https://bugzilla.redhat.com/show_bug.cgi?id=1202855

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html

USN-2680-1 (http://www.ubuntu.com/usn/USN-2680-1)

http://rhn.redhat.com/errata/RHSA-2015-1082.html

USN-2679-1 (http://www.ubuntu.com/usn/USN-2679-1)

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html

USN-2967-2 (http://www.ubuntu.com/usn/USN-2967-2)

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html

http://rhn.redhat.com/errata/RHSA-2015-1138.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

http://rhn.redhat.com/errata/RHSA-2015-1190.html

[oss-security] 20150606 CVE-2015-1805 Linux kernel: pipe: iovec overrun leading to memory corruption (http://www.openwall.com/lists/oss-security/2015/06/06/2)

http://rhn.redhat.com/errata/RHSA-2015-1199.html

USN-2681-1 (http://www.ubuntu.com/usn/USN-2681-1)

http://rhn.redhat.com/errata/RHSA-2015-1042.html

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html

http://source.android.com/security/bulletin/2016-04-02.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html

http://rhn.redhat.com/errata/RHSA-2015-1137.html

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=637b58c2887e5e57850865839cc75f59184b23d1

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html

https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045

https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1

http://rhn.redhat.com/errata/RHSA-2015-1081.html

Miscellaneous

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045

Rapid7

Technical Analysis