Back to search
CVE-2015-1805
Published: Aug 8, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2015:1211
vendor-advisory
x_refsource_REDHAT
DSA-3290
vendor-advisory
x_refsource_DEBIAN
1032454
vdb-entry
x_refsource_SECTRACK
SUSE-SU-2015:1491
vendor-advisory
x_refsource_SUSE
74951
vdb-entry
x_refsource_BID
RHSA-2015:1120
vendor-advisory
x_refsource_REDHAT
USN-2967-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SU-2015:1489
vendor-advisory
x_refsource_SUSE
http://source.android.com/security/bulletin/2016-05-01.html
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1202855
x_refsource_CONFIRM
SUSE-SU-2015:1488
vendor-advisory
x_refsource_SUSE
USN-2680-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2015:1082
vendor-advisory
x_refsource_REDHAT
USN-2679-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SU-2015:1611
vendor-advisory
x_refsource_SUSE
USN-2967-2
vendor-advisory
x_refsource_UBUNTU
SUSE-SU-2015:1324
vendor-advisory
x_refsource_SUSE
RHSA-2015:1138
vendor-advisory
x_refsource_REDHAT
RHSA-2015:1190
vendor-advisory
x_refsource_REDHAT
[oss-security] 20150606 CVE-2015-1805 Linux kernel: pipe: iovec overrun leading to memory corruption
mailing-list
x_refsource_MLIST
RHSA-2015:1199
vendor-advisory
x_refsource_REDHAT
USN-2681-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2015:1042
vendor-advisory
x_refsource_REDHAT
SUSE-SU-2015:1478
vendor-advisory
x_refsource_SUSE
SUSE-SU-2015:1490
vendor-advisory
x_refsource_SUSE
http://source.android.com/security/bulletin/2016-04-02.html
x_refsource_CONFIRM
SUSE-SU-2015:1224
vendor-advisory
x_refsource_SUSE
RHSA-2015:1137
vendor-advisory
x_refsource_REDHAT
SUSE-SU-2015:1487
vendor-advisory
x_refsource_SUSE
SUSE-SU-2015:1592
vendor-advisory
x_refsource_SUSE
RHSA-2015:1081
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now