Vulnerability Details : CVE-2015-5707
Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2015-5707
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Threat overview for CVE-2015-5707
Top countries where our scanners detected CVE-2015-5707
Top open port discovered on systems with this issue
49152
IPs affected by CVE-2015-5707 12,232
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2015-5707!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2015-5707
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 8 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-5707
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
CWE ids for CVE-2015-5707
-
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-5707
-
http://www.ubuntu.com/usn/USN-2750-1
USN-2750-1: Linux kernel (Utopic HWE) vulnerability | Ubuntu security noticesThird Party Advisory
-
http://www.securityfocus.com/bid/76145
Linux Kernel '/scsi/sg.c' Integer Overflow VulnerabilityThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00029.html
[security-announce] SUSE-SU-2015:2087-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
[security-announce] SUSE-SU-2015:1592-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00030.html
[security-announce] SUSE-SU-2015:2089-1: important: Security update forMailing List;Third Party Advisory
-
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=451a2886b6bf90e2fb378f7c46c655450fb96e81
kernel/git/torvalds/linux.git - Linux kernel source treePatch;Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00032.html
[security-announce] SUSE-SU-2015:2091-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00026.html
[security-announce] SUSE-SU-2015:2084-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
[security-announce] SUSE-SU-2015:1611-1: important: Security update forMailing List;Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1250030
1250030 – (CVE-2015-5707) CVE-2015-5707 kernel: number wraparound vulnerability in function start_req()Issue Tracking;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00028.html
[security-announce] SUSE-SU-2015:2086-1: important: Security update forMailing List;Third Party Advisory
-
http://www.debian.org/security/2015/dsa-3329
Debian -- Security Information -- DSA-3329-1 linuxThird Party Advisory
-
http://www.securitytracker.com/id/1033521
Linux Kernel SCSI Generic Driver Integer Overflow Lets Local Users Obtain Root Privileges - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
[security-announce] SUSE-SU-2015:1478-1: important: Security update forMailing List;Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2760-1
USN-2760-1: Linux kernel (OMAP4) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2733-1
USN-2733-1: Linux kernel (Trusty HWE) vulnerability | Ubuntu security noticesThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2738-1
USN-2738-1: Linux kernel vulnerability | Ubuntu security noticesThird Party Advisory
-
https://github.com/torvalds/linux/commit/451a2886b6bf90e2fb378f7c46c655450fb96e81
sg_start_req(): make sure that there's not too many elements in iovec · torvalds/linux@451a288 · GitHubPatch;Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2734-1
USN-2734-1: Linux kernel vulnerability | Ubuntu security noticesThird Party Advisory
-
https://source.android.com/security/bulletin/2017-07-01
Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2759-1
USN-2759-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdc81f45e9f57858da6351836507fbcf1b7583ee
kernel/git/torvalds/linux.git - Linux kernel source treePatch;Vendor Advisory
-
https://github.com/torvalds/linux/commit/fdc81f45e9f57858da6351836507fbcf1b7583ee
sg_start_req(): use import_iovec() · torvalds/linux@fdc81f4 · GitHubPatch;Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2737-1
USN-2737-1: Linux kernel (Vivid HWE) vulnerability | Ubuntu security noticesThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00031.html
[security-announce] SUSE-SU-2015:2090-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00027.html
[security-announce] SUSE-SU-2015:2085-1: important: Security update forMailing List;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2015/08/01/6
oss-security - CVE request: Integer overflow in SCSI generic driver in Linux <4.1Mailing List;Third Party Advisory
Jump to