{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-01-07T00:00:00", "descriptions": [{"lang": "en", "value": "The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-11-06T00:07:10", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/4e7c22d447bb6d7e37bfe39ff658486ae78e8d77"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.1"}, {"name": "DSA-3170", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2015/dsa-3170"}, {"name": "SUSE-SU-2015:0736", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"}, {"name": "USN-2562-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2562-1"}, {"name": "USN-2565-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2565-1"}, {"name": "USN-2561-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2561-1"}, {"name": "72607", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/72607"}, {"name": "USN-2564-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2564-1"}, {"name": "USN-2563-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2563-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e7c22d447bb6d7e37bfe39ff658486ae78e8d77"}, {"name": "RHSA-2015:1138", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1138.html"}, {"tags": ["x_refsource_MISC"], "url": "http://hmarco.org/bugs/linux-ASLR-integer-overflow.html"}, {"name": "USN-2560-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2560-1"}, {"name": "[oss-security] 20150213 Re: CVE-Request -- Linux ASLR integer overflow", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/02/13/13"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192519"}, {"name": "openSUSE-SU-2015:0714", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"}, {"name": "RHSA-2015:1137", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1137.html"}, {"name": "[linux-kernel] 20150107 Re: [PATH] Fix stack randomization on x86_64 bit", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lkml.org/lkml/2015/1/7/811"}, {"name": "RHSA-2015:1221", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"}, {"name": "RHSA-2019:3517", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3517"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-1593", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/torvalds/linux/commit/4e7c22d447bb6d7e37bfe39ff658486ae78e8d77", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/4e7c22d447bb6d7e37bfe39ff658486ae78e8d77"}, {"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.1", "refsource": "CONFIRM", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.1"}, {"name": "DSA-3170", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3170"}, {"name": "SUSE-SU-2015:0736", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"}, {"name": "USN-2562-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2562-1"}, {"name": "USN-2565-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2565-1"}, {"name": "USN-2561-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2561-1"}, {"name": "72607", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72607"}, {"name": "USN-2564-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2564-1"}, {"name": "USN-2563-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2563-1"}, {"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4e7c22d447bb6d7e37bfe39ff658486ae78e8d77", "refsource": "CONFIRM", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4e7c22d447bb6d7e37bfe39ff658486ae78e8d77"}, {"name": "RHSA-2015:1138", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1138.html"}, {"name": "http://hmarco.org/bugs/linux-ASLR-integer-overflow.html", "refsource": "MISC", "url": "http://hmarco.org/bugs/linux-ASLR-integer-overflow.html"}, {"name": "USN-2560-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2560-1"}, {"name": "[oss-security] 20150213 Re: CVE-Request -- Linux ASLR integer overflow", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/02/13/13"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1192519", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192519"}, {"name": "openSUSE-SU-2015:0714", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"}, {"name": "RHSA-2015:1137", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1137.html"}, {"name": "[linux-kernel] 20150107 Re: [PATH] Fix stack randomization on x86_64 bit", "refsource": "MLIST", "url": "https://lkml.org/lkml/2015/1/7/811"}, {"name": "RHSA-2015:1221", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"}, {"name": "RHSA-2019:3517", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3517"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T04:47:17.066Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/4e7c22d447bb6d7e37bfe39ff658486ae78e8d77"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.1"}, {"name": "DSA-3170", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2015/dsa-3170"}, {"name": "SUSE-SU-2015:0736", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"}, {"name": "USN-2562-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2562-1"}, {"name": "USN-2565-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2565-1"}, {"name": "USN-2561-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2561-1"}, {"name": "72607", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/72607"}, {"name": "USN-2564-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2564-1"}, {"name": "USN-2563-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2563-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e7c22d447bb6d7e37bfe39ff658486ae78e8d77"}, {"name": "RHSA-2015:1138", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1138.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://hmarco.org/bugs/linux-ASLR-integer-overflow.html"}, {"name": "USN-2560-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2560-1"}, {"name": "[oss-security] 20150213 Re: CVE-Request -- Linux ASLR integer overflow", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2015/02/13/13"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192519"}, {"name": "openSUSE-SU-2015:0714", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"}, {"name": "RHSA-2015:1137", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1137.html"}, {"name": "[linux-kernel] 20150107 Re: [PATH] Fix stack randomization on x86_64 bit", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lkml.org/lkml/2015/1/7/811"}, {"name": "RHSA-2015:1221", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"}, {"name": "RHSA-2019:3517", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3517"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-1593", "datePublished": "2015-03-16T10:00:00", "dateReserved": "2015-02-13T00:00:00", "dateUpdated": "2024-08-06T04:47:17.066Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:x64:*", "matchCriteriaId": "6F6B5B8A-E1EE-477E-9908-76004F722CCC", "versionEndIncluding": "3.18.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c."}, {"lang": "es", "value": "La caracter\u00edstica de aleatoriedad de la pila en el Kernel de Linux anterior a 3.19.1 en plataformas de 64-bits utiliza un tipo de datos incorrecto por el resultado de operaciones de bitwise left-shift, lo que hace que sea m\u00e1s f\u00e1cil para atacantes evadir el mecanismo de protecci\u00f3n ASLR prediciendo direcciones del tope de la pila, relacionado con la funci\u00f3n andomize_stack_top en fs/binfmt_elf.c y la funci\u00f3n stack_maxrandom_size en arch/x86/mm/mmap.c."}], "id": "CVE-2015-1593", "lastModified": "2023-11-07T02:24:51.093", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-03-16T10:59:07.727", "references": [{"source": "cve@mitre.org", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e7c22d447bb6d7e37bfe39ff658486ae78e8d77"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://hmarco.org/bugs/linux-ASLR-integer-overflow.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-1137.html"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-1138.html"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3170"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.1"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2015/02/13/13"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72607"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2560-1"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2561-1"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2562-1"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2563-1"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2564-1"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2565-1"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:3517"}, {"source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192519"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://github.com/torvalds/linux/commit/4e7c22d447bb6d7e37bfe39ff658486ae78e8d77"}, {"source": "cve@mitre.org", "url": "https://lkml.org/lkml/2015/1/7/811"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2015:1221", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "kernel-0:2.6.32-504.30.3.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2015-07-14T00:00:00Z"}, {"advisory": "RHSA-2015:1139", "cpe": "cpe:/a:redhat:rhel_extras_rt:7", "package": "kernel-rt-0:3.10.0-229.7.2.rt56.141.6.el7_1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-06-23T00:00:00Z"}, {"advisory": "RHSA-2015:1137", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-229.7.2.ael7b", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-06-23T00:00:00Z"}, {"advisory": "RHSA-2019:3517", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-147.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2019-11-05T00:00:00Z"}, {"advisory": "RHSA-2015:1138", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "kernel-rt-1:3.10.0-229.rt56.153.el6rt", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2015-06-23T00:00:00Z"}], "bugzilla": {"description": "kernel: Linux stack ASLR implementation Integer overflow", "id": "1192519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192519"}, "csaw": false, "cvss": {"cvss_base_score": "1.9", "cvss_scoring_vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "status": "verified"}, "cwe": "CWE-190", "details": ["The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c.", "An integer overflow flaw was found in the way the Linux kernel randomized the stack for processes on certain 64-bit architecture systems, such as x86-64, causing the stack entropy to be reduced by four."], "name": "CVE-2015-1593", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2015-02-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-1593\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-1593"], "statement": "This issue does affect the Linux kernel versions as shipped with Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates in the respective releases may address this issue.\nThis issue does affect the Linux kernel versions as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Low"}