QwikSec

Security Database

CVE

CWE

Training

CVE-2015-2686

Published: May 2, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for (1) sendto and (2) recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copy_from_iter function in the iov_iter interface, as demonstrated by the Bluetooth subsystem.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://grsecurity.net/~spender/viro.txt

x_refsource_MISC

vdb-entry

x_refsource_BID

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4de930efc23b92ddf88ce91c405ee645fe6e27ea

x_refsource_CONFIRM

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.3

x_refsource_CONFIRM

http://twitter.com/grsecurity/statuses/579050211605102592

x_refsource_MISC

http://twitter.com/grsecurity/statuses/579060953477701632

x_refsource_MISC

http://twitter.com/grsecurity/statuses/579075689439059968

x_refsource_MISC

[oss-security] 20150323 CVE Request: Linux kernel: sys_sendto/sys_recvfrom does not validate the user provided ubuf pointer

mailing-list

x_refsource_MLIST

https://github.com/torvalds/linux/commit/4de930efc23b92ddf88ce91c405ee645fe6e27ea

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1205242

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.