CVE-2015-8830 : Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linu

Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression.

Published 2016-05-02 10:59:21

Updated 2025-04-12 10:46:41

Source Debian GNU/Linux

View at NVD, CVE.org

Vulnerability category: OverflowDenial of service

Products affected by CVE-2015-8830

Linux » Linux Kernel » Version: 4.0
cpe:2.3:o:linux:linux_kernel:4.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2015-8830

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 12 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-8830

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2015-8830

https://access.redhat.com/errata/RHSA-2018:3096

RHSA-2018:3096 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://github.com/torvalds/linux/commit/c4f4b82694fe48b02f7a881a1797131a6dad1364

AIO: properly check iovec sizes · torvalds/linux@c4f4b82 · GitHub
Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:1854

RHSA-2018:1854 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://github.com/torvalds/linux/commit/4c185ce06dca14f5cea192f5a2c981ef50663f2b

aio: lift iov_iter_init() into aio_setup_..._rw() · torvalds/linux@4c185ce · GitHub
Vendor Advisory
http://www.debian.org/security/2016/dsa-3503

Debian -- Security Information -- DSA-3503-1 linux

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2018:3083

RHSA-2018:3083 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2970-1

USN-2970-1: Linux kernel (Vivid HWE) vulnerabilities | Ubuntu security notices

CVEs referencing this url
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c4f4b82694fe48b02f7a881a1797131a6dad1364

kernel/git/torvalds/linux.git - Linux kernel source tree
http://www.ubuntu.com/usn/USN-2969-1

USN-2969-1: Linux kernel (Utopic HWE) vulnerabilities | Ubuntu security notices

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2016/03/02/9

oss-security - Re: CVE Request: Linux: aio write triggers integer overflow in some network protocols

CVEs referencing this url
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c185ce06dca14f5cea192f5a2c981ef50663f2b

kernel/git/torvalds/linux.git - Linux kernel source tree
Vendor Advisory
http://www.ubuntu.com/usn/USN-2968-1

USN-2968-1: Linux kernel vulnerabilities | Ubuntu security notices

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=1314275

1314275 – (CVE-2015-8830) CVE-2015-8830 kernel: AIO write triggers integer overflow in some protocols
http://www.ubuntu.com/usn/USN-2968-2

USN-2968-2: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu security notices

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2015-8830

Products affected by CVE-2015-8830

Exploit prediction scoring system (EPSS) score for CVE-2015-8830

CVSS scores for CVE-2015-8830

References for CVE-2015-8830