Vulnerability Details: CVE-2015-8543
The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.
Vulnerability category: Denial of service
Products affected by CVE-2015-8543
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-8543
- 0.05%: Probability of exploitation activity in the next 30 days
- ~18%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-8543
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9 | MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C | 3.4 | 10.0 | NIST | |
7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.0 | 5.9 | NIST | |
References for CVE-2015-8543
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html
  [security-announce] SUSE-SU-2016:0911-1: important: Security update for (Mailing List; Third Party Advisory)
- http://www.ubuntu.com/usn/USN-2890-3
  USN-2890-3: Linux kernel (Raspberry Pi 2) vulnerabilities | Ubuntu security notices (Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html
  [security-announce] SUSE-SU-2016:1102-1: important: Security update for (Mailing List; Third Party Advisory)
- http://rhn.redhat.com/errata/RHSA-2016-2574.html
  RHSA-2016:2574 - Security Advisory - Red Hat Customer Portal (Third Party Advisory)
- http://www.ubuntu.com/usn/USN-2886-1
  USN-2886-1: Linux kernel vulnerabilities | Ubuntu security notices (Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
  [security-announce] SUSE-SU-2016:2074-1: important: Security update for (Mailing List; Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=1290475
  1290475 – (CVE-2015-8543) CVE-2015-8543 kernel: IPv6 connect causes DoS via NULL pointer dereference (Issue Tracking; Third Party Advisory)
- http://www.debian.org/security/2016/dsa-3434
  Debian -- Security Information -- DSA-3434-1 linux (Third Party Advisory)
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
  Oracle Linux Bulletin - April 2016 (Third Party Advisory)
- http://rhn.redhat.com/errata/RHSA-2016-0855.html
  RHSA-2016:0855 - Security Advisory - Red Hat Customer Portal (Third Party Advisory)
- https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9
  net: add validation for the socket syscall protocol argument · torvalds/linux@79462ad · GitHub (Vendor Advisory)
- http://www.securityfocus.com/bid/79698
  Google Android Kernel CVE-2015-8543 Null Pointer Deference Local Denial of Service Vulnerability (Third Party Advisory; VDB Entry)
- http://www.debian.org/security/2015/dsa-3426
  Debian -- Security Information -- DSA-3426-1 linux (Third Party Advisory)
- http://www.ubuntu.com/usn/USN-2890-1
  USN-2890-1: Linux kernel vulnerabilities | Ubuntu security notices (Third Party Advisory)
- http://www.ubuntu.com/usn/USN-2888-1
  USN-2888-1: Linux kernel (Utopic HWE) vulnerabilities | Ubuntu security notices (Third Party Advisory)
- http://www.ubuntu.com/usn/USN-2890-2
  USN-2890-2: Linux kernel (Wily HWE) vulnerabilities | Ubuntu security notices (Third Party Advisory)
- http://rhn.redhat.com/errata/RHSA-2016-2584.html
  RHSA-2016:2584 - Security Advisory - Red Hat Customer Portal (Third Party Advisory)
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9
  kernel/git/torvalds/linux.git - Linux kernel source tree (Vendor Advisory)
- http://www.openwall.com/lists/oss-security/2015/12/09/5
  oss-security - Re: CVE request - Android kernel - IPv6 connect cause a denial of service (Mailing List; Third Party Advisory)
- http://www.securitytracker.com/id/1034892
  Linux Kernel Protocol Identifier Bug Lets Local Users Cause Denial of Service Conditions on the Target System - SecurityTracker (Third Party Advisory; VDB Entry)