Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-1593

Опубликовано: 16 мар. 2015
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 5

Описание

The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c.

РелизСтатусПримечание
devel

not-affected

4.10.0-19.21
esm-infra-legacy/trusty

not-affected

3.13.0-49.81
esm-infra/xenial

not-affected

4.2.0-16.19
lucid

ignored

end of life
precise

released

3.2.0-80.116
precise/esm

not-affected

3.2.0-80.116
trusty

released

3.13.0-49.81
trusty/esm

not-affected

3.13.0-49.81
upstream

released

4.0~rc1
utopic

released

3.16.0-34.45

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

released

3.2.0-1648.67
precise/esm

DNE

precise was released [3.2.0-1648.67]
trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

not-affected

4.4.0-1002.2
esm-infra/xenial

not-affected

4.4.0-1001.10
precise

DNE

precise/esm

DNE

trusty

not-affected

4.4.0-1002.2
trusty/esm

not-affected

4.4.0-1002.2
upstream

released

4.0~rc1
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

ignored

end of life
precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored]
lucid

DNE

precise

DNE

precise/esm

DNE

trusty

ignored

trusty/esm

DNE

trusty was ignored
upstream

released

4.0~rc1
utopic

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

ignored

end of life
precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

xenial

not-affected

4.4.0-1003.3

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored]
lucid

DNE

precise

DNE

precise/esm

DNE

trusty

ignored

trusty/esm

DNE

trusty was ignored
upstream

released

4.0~rc1
utopic

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored]
lucid

DNE

precise

DNE

precise/esm

DNE

trusty

ignored

trusty/esm

DNE

trusty was ignored
upstream

released

4.0~rc1
utopic

ignored

end of life
vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

4.8.0-36.36~16.04.1
precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

4.8.0-36.36~16.04.1
precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

ignored

end of life
precise/esm

DNE

precise was ignored [abandoned]
trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

ignored

end of life
precise/esm

DNE

precise was ignored [abandoned]
trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

ignored

end of life
precise/esm

DNE

precise was ignored [abandoned]
trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

ignored

end of life, was pending
precise/esm

DNE

precise was ignored [was pending [3.5.0-60.87~precise1] OEM release]
trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

ignored

end of life, was needs-triage
precise/esm

ignored

end of life, was needs-triage
trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

ignored

end of life, was pending
precise/esm

DNE

precise was ignored [was pending [3.11.0-33.54~precise1] OEM release]
trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

released

3.13.0-49.81~precise1
precise/esm

not-affected

3.13.0-49.81~precise1
trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [3.16.0-34.45~14.04.1]]
lucid

DNE

precise

DNE

precise/esm

DNE

trusty

released

3.16.0-34.45~14.04.1
trusty/esm

DNE

trusty was released [3.16.0-34.45~14.04.1]
upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [3.19.0-18.18~14.04.1]]
lucid

DNE

precise

DNE

precise/esm

DNE

trusty

not-affected

3.19.0-18.18~14.04.1
trusty/esm

DNE

trusty was not-affected [3.19.0-18.18~14.04.1]
upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [4.2.0-18.22~14.04.1]]
precise

DNE

precise/esm

DNE

trusty

not-affected

4.2.0-18.22~14.04.1
trusty/esm

DNE

trusty was not-affected [4.2.0-18.22~14.04.1]
upstream

released

4.0~rc1
vivid

DNE

vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

not-affected

4.4.0-13.29~14.04.1
precise

DNE

precise/esm

DNE

trusty

not-affected

4.4.0-13.29~14.04.1
trusty/esm

not-affected

4.4.0-13.29~14.04.1
upstream

released

4.0~rc1
vivid

DNE

vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored]
lucid

DNE

precise

DNE

precise/esm

DNE

trusty

ignored

trusty/esm

DNE

trusty was ignored
upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored]
lucid

DNE

precise

DNE

precise/esm

DNE

trusty

ignored

trusty/esm

DNE

trusty was ignored
upstream

released

4.0~rc1
utopic

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored]
lucid

DNE

precise

DNE

precise/esm

DNE

trusty

ignored

trusty/esm

DNE

trusty was ignored
upstream

released

4.0~rc1
utopic

ignored

end of life
vivid

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

ignored

end of life
precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

ignored

end of life
precise

ignored

end of life
precise/esm

DNE

precise was ignored [abandoned]
trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

not-affected

4.10.0-1004.6
esm-infra-legacy/trusty

DNE

precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
vivid

DNE

vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

released

4.2.0-1014.21

Показывать по

РелизСтатусПримечание
devel

not-affected

4.4.0-1050.54
esm-infra-legacy/trusty

DNE

precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

released

3.2.0-1462.82
precise/esm

DNE

precise was released [3.2.0-1462.82]
trusty

DNE

trusty/esm

DNE

upstream

released

4.0~rc1
utopic

DNE

vivid

DNE

Показывать по

EPSS

Процентиль: 80%
0.01439
Низкий

5 Medium

CVSS2

Связанные уязвимости

redhat
больше 10 лет назад

The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c.

nvd
больше 10 лет назад

The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c.

debian
больше 10 лет назад

The stack randomization feature in the Linux kernel before 3.19.1 on 6 ...

github
около 3 лет назад

The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c.

oracle-oval
около 10 лет назад

ELSA-2015-3047: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 80%
0.01439
Низкий

5 Medium

CVSS2