Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-2830

Опубликовано: 27 мая 2015
Источник: nvd
CVSS2: 1.9
EPSS Низкий

Описание

arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrated by an attack against seccomp before 3.16.

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 3.19.1 (включая)
Конфигурация 3
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

EPSS

Процентиль: 7%
0.00032
Низкий

1.9 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu
около 10 лет назад

arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrated by an attack against seccomp before 3.16.

redhat
больше 10 лет назад

arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrated by an attack against seccomp before 3.16.

debian
около 10 лет назад

arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not ...

github
около 3 лет назад

arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrated by an attack against seccomp before 3.16.

oracle-oval
около 10 лет назад

ELSA-2015-3047: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 7%
0.00032
Низкий

1.9 Low

CVSS2

Дефекты

CWE-264