net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for (1) sendto and (2) recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copy_from_iter function in the iov_iter interface, as demonstrated by the Bluetooth subsystem.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2016-05-02T10:00:00
Updated: 2024-08-06T05:24:38.286Z
Reserved: 2015-03-23T00:00:00
Link: CVE-2015-2686
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2016-05-02T10:59:11.453
Modified: 2016-06-27T23:57:09.427
Link: CVE-2015-2686
Redhat