cvelistv5 - cve-2015-4002

CVE-2015-4002 (GCVE-0-2015-4002)

Vulnerability from cvelistv5

Published

2015-06-07 23:00

Modified

2024-08-06 06:04

Severity ?

CWE

Summary

drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions.

References

URL

Tags

cve@mitre.org	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8	Vendor Advisory
cve@mitre.org	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e	Vendor Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html	Mailing List, Third Party Advisory
cve@mitre.org	http://openwall.com/lists/oss-security/2015/06/05/7	Mailing List
cve@mitre.org	http://www.securityfocus.com/bid/74668	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.ubuntu.com/usn/USN-2665-1	Third Party Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-2667-1	Third Party Advisory
cve@mitre.org	https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8	Vendor Advisory
cve@mitre.org	https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2015/06/05/7	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/74668	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2665-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2667-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e	Vendor Advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:04:02.160Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "74668",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/74668"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
          },
          {
            "name": "USN-2665-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2665-1"
          },
          {
            "name": "openSUSE-SU-2015:1382",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
          },
          {
            "name": "[oss-security] 20150605 Re: CVE Request: Linux Kernel Ozwpan Driver - Remote packet-of-death vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2015/06/05/7"
          },
          {
            "name": "USN-2667-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2667-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-23T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "74668",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/74668"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
        },
        {
          "name": "USN-2665-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2665-1"
        },
        {
          "name": "openSUSE-SU-2015:1382",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
        },
        {
          "name": "[oss-security] 20150605 Re: CVE Request: Linux Kernel Ozwpan Driver - Remote packet-of-death vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2015/06/05/7"
        },
        {
          "name": "USN-2667-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2667-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-4002",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "74668",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/74668"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
            },
            {
              "name": "USN-2665-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2665-1"
            },
            {
              "name": "openSUSE-SU-2015:1382",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
            },
            {
              "name": "[oss-security] 20150605 Re: CVE Request: Linux Kernel Ozwpan Driver - Remote packet-of-death vulnerabilities",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2015/06/05/7"
            },
            {
              "name": "USN-2667-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2667-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-4002",
    "datePublished": "2015-06-07T23:00:00",
    "dateReserved": "2015-05-15T00:00:00",
    "dateUpdated": "2024-08-06T06:04:02.160Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-4002\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2015-06-07T23:59:06.707\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions.\"},{\"lang\":\"es\",\"value\":\"drivers/staging/ozwpan/ozusbsvc1.c en el controlador OZWPAN en el kernel de Linux hasta 4.0.5 no asegura que ciertas valores de longitud est\u00e1n lo suficientemente grandes, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de sistema o bucle grande) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un paquete manipulado, relacionado con las funciones (1) oz_usb_rx y (2) oz_usb_handle_ep_data.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":8.5,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.4.109\",\"matchCriteriaId\":\"BF5DF640-26B7-486C-8A1E-C267A58B107F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.5\",\"versionEndExcluding\":\"3.10.81\",\"matchCriteriaId\":\"ECC7A571-F521-467D-AC01-C14A021C6FB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.11\",\"versionEndExcluding\":\"3.12.45\",\"matchCriteriaId\":\"B3098ADB-0836-42D0-8E95-339E1EF3D9F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.13\",\"versionEndExcluding\":\"3.14.45\",\"matchCriteriaId\":\"B57D2217-EBAE-454F-9DE5-D6F27BC21672\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.15\",\"versionEndExcluding\":\"3.16.35\",\"matchCriteriaId\":\"7DC4BA70-B111-4D2E-BC78-6601CED68F08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.17\",\"versionEndExcluding\":\"3.18.18\",\"matchCriteriaId\":\"2106A163-2CE8-4976-89C8-0DA83B9609F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.19\",\"versionEndExcluding\":\"4.0.6\",\"matchCriteriaId\":\"693B47BD-DBFB-451F-948D-93F48D711099\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E88A537F-F4D0-46B9-9E37-965233C2A355\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03117DF1-3BEC-4B8D-AD63-DBBDB2126081\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://openwall.com/lists/oss-security/2015/06/05/7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.securityfocus.com/bid/74668\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2665-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2667-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://openwall.com/lists/oss-security/2015/06/05/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.securityfocus.com/bid/74668\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2665-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2667-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

fkie_cve-2015-4002

Vulnerability from fkie_nvd

Published

2015-06-07 23:59

Modified

2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8	Vendor Advisory
cve@mitre.org	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e	Vendor Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html	Mailing List, Third Party Advisory
cve@mitre.org	http://openwall.com/lists/oss-security/2015/06/05/7	Mailing List
cve@mitre.org	http://www.securityfocus.com/bid/74668	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.ubuntu.com/usn/USN-2665-1	Third Party Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-2667-1	Third Party Advisory
cve@mitre.org	https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8	Vendor Advisory
cve@mitre.org	https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2015/06/05/7	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/74668	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2665-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2667-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e	Vendor Advisory

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	15.10
opensuse	opensuse	13.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF5DF640-26B7-486C-8A1E-C267A58B107F",
              "versionEndExcluding": "3.4.109",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECC7A571-F521-467D-AC01-C14A021C6FB8",
              "versionEndExcluding": "3.10.81",
              "versionStartIncluding": "3.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3098ADB-0836-42D0-8E95-339E1EF3D9F9",
              "versionEndExcluding": "3.12.45",
              "versionStartIncluding": "3.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B57D2217-EBAE-454F-9DE5-D6F27BC21672",
              "versionEndExcluding": "3.14.45",
              "versionStartIncluding": "3.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DC4BA70-B111-4D2E-BC78-6601CED68F08",
              "versionEndExcluding": "3.16.35",
              "versionStartIncluding": "3.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2106A163-2CE8-4976-89C8-0DA83B9609F7",
              "versionEndExcluding": "3.18.18",
              "versionStartIncluding": "3.17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "693B47BD-DBFB-451F-948D-93F48D711099",
              "versionEndExcluding": "4.0.6",
              "versionStartIncluding": "3.19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions."
    },
    {
      "lang": "es",
      "value": "drivers/staging/ozwpan/ozusbsvc1.c en el controlador OZWPAN en el kernel de Linux hasta 4.0.5 no asegura que ciertas valores de longitud est\u00e1n lo suficientemente grandes, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de sistema o bucle grande) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un paquete manipulado, relacionado con las funciones (1) oz_usb_rx y (2) oz_usb_handle_ep_data."
    }
  ],
  "id": "CVE-2015-4002",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 8.5,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-06-07T23:59:06.707",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2015/06/05/7"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/74668"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2665-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2667-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2015/06/05/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/74668"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2665-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2667-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2015-AVI-357

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans le noyau Linux de OpenSUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

openSUSE 13.2

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité openSUSE-SU-2015:1382-1 du 14 août 2015	None	vendor-advisory
Bulletin de sécurité openSUSE-SU-2015:1382-1 du 14 août 2015	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eopenSUSE 13.2\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-4002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4002"
    },
    {
      "name": "CVE-2015-4692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4692"
    },
    {
      "name": "CVE-2015-3290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3290"
    },
    {
      "name": "CVE-2015-4036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4036"
    },
    {
      "name": "CVE-2015-2922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2922"
    },
    {
      "name": "CVE-2015-4700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4700"
    },
    {
      "name": "CVE-2015-4001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4001"
    },
    {
      "name": "CVE-2015-3339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3339"
    },
    {
      "name": "CVE-2014-9729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9729"
    },
    {
      "name": "CVE-2015-2041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2041"
    },
    {
      "name": "CVE-2014-9728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9728"
    },
    {
      "name": "CVE-2015-4167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4167"
    },
    {
      "name": "CVE-2014-9730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9730"
    },
    {
      "name": "CVE-2015-5366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5366"
    },
    {
      "name": "CVE-2015-1420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1420"
    },
    {
      "name": "CVE-2015-5364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5364"
    },
    {
      "name": "CVE-2015-1465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1465"
    },
    {
      "name": "CVE-2015-3212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3212"
    },
    {
      "name": "CVE-2014-9731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9731"
    },
    {
      "name": "CVE-2015-3636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3636"
    },
    {
      "name": "CVE-2015-4003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4003"
    }
  ],
  "initial_release_date": "2015-08-17T00:00:00",
  "last_revision_date": "2015-08-17T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 openSUSE-SU-2015:1382-1 du 14 ao\u00fbt    2015",
      "url": "https://lwn.net/Articles/654531/"
    }
  ],
  "reference": "CERTFR-2015-AVI-357",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-08-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de OpenSUSE\u003c/span\u003e. Certaines d\u0027entre\nelles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de\nservice \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de OpenSUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 openSUSE-SU-2015:1382-1 du 14 ao\u00fbt 2015",
      "url": null
    }
  ]
}

CERTFR-2015-AVI-283

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans le noyau Linux Ubuntu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.

Contournement provisoire

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 12.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.10
Ubuntu	Ubuntu	Ubuntu 15.04

References

Title

Publication Time

Tags

Référence CVE CVE-2015-4002	-	other
Bulletin de sécurité Ubuntu USN-2661-1 du 7 juillet 2015	-	other
Bulletin de sécurité Ubuntu USN-2665-1 du 7 juillet 2015	-	other
Référence CVE CVE-2014-9710	-	other
Référence CVE CVE-2015-4003	-	other
Référence CVE CVE-2015-4700	-	other
Bulletin de sécurité Ubuntu USN-2664-1 du 7 juillet 2015	-	other
Référence CVE CVE-2015-4001	-	other
Bulletin de sécurité Ubuntu USN-2660-1 du 7 juillet 2015	-	other
Bulletin de sécurité Ubuntu USN-2663-1 du 7 juillet 2015	-	other
Référence CVE CVE-2015-3281	-	other
Bulletin de sécurité Ubuntu USN-2668-1 du 7 juillet 2015	-	other
Référence CVE CVE-2015-4167	-	other
Référence CVE CVE-2015-1420	-	other
Bulletin de sécurité Ubuntu USN-2667-1 du 7 juillet 2015	-	other
Bulletin de sécurité Ubuntu USN-2662-1 du 7 juillet 2015	-	other
Bulletin de sécurité Ubuntu USN-2666-1 du 7 juillet 2015	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 12.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 15.04",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Contournement provisoire\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-4002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4002"
    },
    {
      "name": "CVE-2015-3281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3281"
    },
    {
      "name": "CVE-2015-4700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4700"
    },
    {
      "name": "CVE-2015-4001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4001"
    },
    {
      "name": "CVE-2015-4167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4167"
    },
    {
      "name": "CVE-2015-1420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1420"
    },
    {
      "name": "CVE-2014-9710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9710"
    },
    {
      "name": "CVE-2015-4003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4003"
    }
  ],
  "initial_release_date": "2015-07-08T00:00:00",
  "last_revision_date": "2015-07-08T00:00:00",
  "links": [
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2015-4002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4002"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2661-1 du 7 juillet 2015",
      "url": "http://www.ubuntu.com/usn/usn-2661-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2665-1 du 7 juillet 2015",
      "url": "http://www.ubuntu.com/usn/usn-2665-1/"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2014-9710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9710"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2015-4003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4003"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2015-4700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4700"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2664-1 du 7 juillet 2015",
      "url": "http://www.ubuntu.com/usn/usn-2664-1/"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2015-4001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4001"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2660-1 du 7 juillet 2015",
      "url": "http://www.ubuntu.com/usn/usn-2660-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2663-1 du 7 juillet 2015",
      "url": "http://www.ubuntu.com/usn/usn-2663-1/"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2015-3281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3281"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2668-1 du 7 juillet 2015",
      "url": "http://www.ubuntu.com/usn/usn-2668-1/"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2015-4167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4167"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2015-1420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1420"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2667-1 du 7 juillet 2015",
      "url": "http://www.ubuntu.com/usn/usn-2667-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2662-1 du 7 juillet 2015",
      "url": "http://www.ubuntu.com/usn/usn-2662-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2666-1 du 7 juillet 2015",
      "url": "http://www.ubuntu.com/usn/usn-2666-1/"
    }
  ],
  "reference": "CERTFR-2015-AVI-283",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-07-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le \u003cspan\nclass=\"textit\"\u003enoyau Linux Ubuntu\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux Ubuntu",
  "vendor_advisories": []
}

gsd-2015-4002

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2015-4002

Aliases

CVE-2015-4002

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-4002",
    "description": "drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions.",
    "id": "GSD-2015-4002",
    "references": [
      "https://www.suse.com/security/cve/CVE-2015-4002.html",
      "https://ubuntu.com/security/CVE-2015-4002"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-4002"
      ],
      "details": "drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions.",
      "id": "GSD-2015-4002",
      "modified": "2023-12-13T01:19:59.966968Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2015-4002",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "74668",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/74668"
          },
          {
            "name": "https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e",
            "refsource": "CONFIRM",
            "url": "https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
          },
          {
            "name": "USN-2665-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2665-1"
          },
          {
            "name": "openSUSE-SU-2015:1382",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
          },
          {
            "name": "https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8",
            "refsource": "CONFIRM",
            "url": "https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
          },
          {
            "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8",
            "refsource": "CONFIRM",
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
          },
          {
            "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e",
            "refsource": "CONFIRM",
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
          },
          {
            "name": "[oss-security] 20150605 Re: CVE Request: Linux Kernel Ozwpan Driver - Remote packet-of-death vulnerabilities",
            "refsource": "MLIST",
            "url": "http://openwall.com/lists/oss-security/2015/06/05/7"
          },
          {
            "name": "USN-2667-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2667-1"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.16.35",
                "versionStartIncluding": "3.15",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.4.109",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.10.81",
                "versionStartIncluding": "3.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.12.45",
                "versionStartIncluding": "3.11",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.14.45",
                "versionStartIncluding": "3.13",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.18.18",
                "versionStartIncluding": "3.17",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.0.6",
                "versionStartIncluding": "3.19",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-4002"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
            },
            {
              "name": "[oss-security] 20150605 Re: CVE Request: Linux Kernel Ozwpan Driver - Remote packet-of-death vulnerabilities",
              "refsource": "MLIST",
              "tags": [
                "Mailing List"
              ],
              "url": "http://openwall.com/lists/oss-security/2015/06/05/7"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
            },
            {
              "name": "74668",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/74668"
            },
            {
              "name": "openSUSE-SU-2015:1382",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
            },
            {
              "name": "USN-2667-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2667-1"
            },
            {
              "name": "USN-2665-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2665-1"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 8.5,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2022-11-03T02:03Z",
      "publishedDate": "2015-06-07T23:59Z"
    }
  }
}

ghsa-qf23-rh7h-w8wf

Vulnerability from github

Published

2022-05-17 03:14

Modified

2022-05-17 03:14

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-4002"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-06-07T23:59:00Z",
    "severity": "HIGH"
  },
  "details": "drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions.",
  "id": "GHSA-qf23-rh7h-w8wf",
  "modified": "2022-05-17T03:14:23Z",
  "published": "2022-05-17T03:14:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4002"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2015/06/05/7"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/74668"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2665-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2667-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cnvd-2015-03715

Vulnerability from cnvd

Title

Linux kernel OZWPAN驱动程序拒绝服务漏洞（CNVD-2015-03715）

Description

Linux kernel是一个开源的操作系统。OZWPAN是其中的一个接收、解析和转发网络数据包的驱动。 Linux kernel OZWPAN驱动程序存在安全漏洞，由于程序的rivers/staging/ozwpan/ozusbsvc1.c文件中的‘oz_usb_rx’和‘oz_usb_handle_ep_data’函数未能正确检查特定的长度值的大小。允许远程攻击者利用漏洞提交特殊的请求进行拒绝服务攻击。

Severity

高

Patch Name

Linux kernel OZWPAN驱动程序拒绝服务漏洞（CNVD-2015-03715）的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请用户及时下载更新： http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8

Reference

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4002

Impacted products

Name
Linux Kernel < 4.0.5

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-4002"
    }
  },
  "description": "Linux kernel\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002OZWPAN\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u63a5\u6536\u3001\u89e3\u6790\u548c\u8f6c\u53d1\u7f51\u7edc\u6570\u636e\u5305\u7684\u9a71\u52a8\u3002\r\n\r\nLinux kernel OZWPAN\u9a71\u52a8\u7a0b\u5e8f\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u7684rivers/staging/ozwpan/ozusbsvc1.c\u6587\u4ef6\u4e2d\u7684\u2018oz_usb_rx\u2019\u548c\u2018oz_usb_handle_ep_data\u2019\u51fd\u6570\u672a\u80fd\u6b63\u786e\u68c0\u67e5\u7279\u5b9a\u7684\u957f\u5ea6\u503c\u7684\u5927\u5c0f\u3002\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "anonymous",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u7528\u6237\u53ca\u65f6\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttp://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-03715",
  "openTime": "2015-06-12",
  "patchDescription": "Linux kernel\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002OZWPAN\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u63a5\u6536\u3001\u89e3\u6790\u548c\u8f6c\u53d1\u7f51\u7edc\u6570\u636e\u5305\u7684\u9a71\u52a8\u3002\r\n\r\nLinux kernel OZWPAN\u9a71\u52a8\u7a0b\u5e8f\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u7684rivers/staging/ozwpan/ozusbsvc1.c\u6587\u4ef6\u4e2d\u7684\u2018oz_usb_rx\u2019\u548c\u2018oz_usb_handle_ep_data\u2019\u51fd\u6570\u672a\u80fd\u6b63\u786e\u68c0\u67e5\u7279\u5b9a\u7684\u957f\u5ea6\u503c\u7684\u5927\u5c0f\u3002\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Linux kernel OZWPAN\u9a71\u52a8\u7a0b\u5e8f\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2015-03715\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Linux Kernel \u003c 4.0.5"
  },
  "referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4002",
  "serverity": "\u9ad8",
  "submitTime": "2015-06-08",
  "title": "Linux kernel OZWPAN\u9a71\u52a8\u7a0b\u5e8f\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2015-03715\uff09"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2015-4002 (GCVE-0-2015-4002)

Vulnerability from cvelistv5

fkie_cve-2015-4002

Vulnerability from fkie_nvd

CERTFR-2015-AVI-357

Vulnerability from certfr_avis

Solution

CERTFR-2015-AVI-283

Vulnerability from certfr_avis

Contournement provisoire

gsd-2015-4002

Vulnerability from gsd

ghsa-qf23-rh7h-w8wf

Vulnerability from github

cnvd-2015-03715

Vulnerability from cnvd

Tags

Sightings

Nomenclature