{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-12-14T00:00:00", "descriptions": [{"lang": "en", "value": "The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-01-06T16:16:06", "orgId": "f81092c5-7f14-476d-80dc-24857f90be84", "shortName": "microfocus"}, "references": [{"name": "[oss-security] 20151215 Re: CVE Request: Linux Kernel: information leak from getsockname", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/12/15/11"}, {"name": "USN-2886-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2886-1"}, {"name": "USN-2890-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2890-3"}, {"name": "79428", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/79428"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1"}, {"tags": ["x_refsource_MISC"], "url": "http://twitter.com/grsecurity/statuses/676744240802750464"}, {"name": "SUSE-SU-2016:1102", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"}, {"name": "[linux-kernel] 20151214 Information leak in pptp_bind", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lkml.org/lkml/2015/12/14/252"}, {"name": "FEDORA-2016-5d43766e33", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"}, {"name": "SUSE-SU-2016:2074", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"}, {"name": "USN-2890-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2890-2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/09ccfd238e5a0e670d8178cf50180ea81ae09ae1"}, {"name": "1034549", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1034549"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292045"}, {"name": "USN-2890-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2890-1"}, {"name": "DSA-3434", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3434"}, {"name": "USN-2888-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2888-1"}, {"name": "SUSE-SU-2016:0911", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@microfocus.com", "ID": "CVE-2015-8569", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20151215 Re: CVE Request: Linux Kernel: information leak from getsockname", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/12/15/11"}, {"name": "USN-2886-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2886-1"}, {"name": "USN-2890-3", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2890-3"}, {"name": "79428", "refsource": "BID", "url": "http://www.securityfocus.com/bid/79428"}, {"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1", "refsource": "CONFIRM", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1"}, {"name": "http://twitter.com/grsecurity/statuses/676744240802750464", "refsource": "MISC", "url": "http://twitter.com/grsecurity/statuses/676744240802750464"}, {"name": "SUSE-SU-2016:1102", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"}, {"name": "[linux-kernel] 20151214 Information leak in pptp_bind", "refsource": "MLIST", "url": "https://lkml.org/lkml/2015/12/14/252"}, {"name": "FEDORA-2016-5d43766e33", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"}, {"name": "SUSE-SU-2016:2074", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"}, {"name": "USN-2890-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2890-2"}, {"name": "https://github.com/torvalds/linux/commit/09ccfd238e5a0e670d8178cf50180ea81ae09ae1", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/09ccfd238e5a0e670d8178cf50180ea81ae09ae1"}, {"name": "1034549", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034549"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1292045", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292045"}, {"name": "USN-2890-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2890-1"}, {"name": "DSA-3434", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3434"}, {"name": "USN-2888-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2888-1"}, {"name": "SUSE-SU-2016:0911", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T08:20:43.262Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20151215 Re: CVE Request: Linux Kernel: information leak from getsockname", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2015/12/15/11"}, {"name": "USN-2886-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2886-1"}, {"name": "USN-2890-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2890-3"}, {"name": "79428", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/79428"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://twitter.com/grsecurity/statuses/676744240802750464"}, {"name": "SUSE-SU-2016:1102", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"}, {"name": "[linux-kernel] 20151214 Information leak in pptp_bind", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lkml.org/lkml/2015/12/14/252"}, {"name": "FEDORA-2016-5d43766e33", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"}, {"name": "SUSE-SU-2016:2074", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"}, {"name": "USN-2890-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2890-2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/09ccfd238e5a0e670d8178cf50180ea81ae09ae1"}, {"name": "1034549", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1034549"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292045"}, {"name": "USN-2890-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2890-1"}, {"name": "DSA-3434", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3434"}, {"name": "USN-2888-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2888-1"}, {"name": "SUSE-SU-2016:0911", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"}]}]}, "cveMetadata": {"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84", "assignerShortName": "microfocus", "cveId": "CVE-2015-8569", "datePublished": "2015-12-28T11:00:00", "dateReserved": "2015-12-15T00:00:00", "dateUpdated": "2024-08-06T08:20:43.262Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "17376827-DFED-4E71-8D4A-5E5C44073D57", "versionEndIncluding": "4.3.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application."}, {"lang": "es", "value": "Las funciones (1) pptp_bind y (2) pptp_connect en drivers/net/ppp/pptp.c en el kernel de Linux hasta la versi\u00f3n 4.3.3 no verifican la longitud de una direcci\u00f3n, lo que permite a usuarios locales obtener informaci\u00f3n sensible de la memoria del kernel y eludir el mecanismo de protecci\u00f3n KASLR a trav\u00e9s de una aplicaci\u00f3n manipulada."}], "id": "CVE-2015-8569", "lastModified": "2023-11-07T02:28:32.927", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 0.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2015-12-28T11:59:07.030", "references": [{"source": "security@opentext.com", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1"}, {"source": "security@opentext.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"}, {"source": "security@opentext.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"}, {"source": "security@opentext.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"}, {"source": "security@opentext.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"}, {"source": "security@opentext.com", "url": "http://twitter.com/grsecurity/statuses/676744240802750464"}, {"source": "security@opentext.com", "url": "http://www.debian.org/security/2016/dsa-3434"}, {"source": "security@opentext.com", "url": "http://www.openwall.com/lists/oss-security/2015/12/15/11"}, {"source": "security@opentext.com", "url": "http://www.securityfocus.com/bid/79428"}, {"source": "security@opentext.com", "url": "http://www.securitytracker.com/id/1034549"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-2886-1"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-2888-1"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-2890-1"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-2890-2"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-2890-3"}, {"source": "security@opentext.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292045"}, {"source": "security@opentext.com", "url": "https://github.com/torvalds/linux/commit/09ccfd238e5a0e670d8178cf50180ea81ae09ae1"}, {"source": "security@opentext.com", "url": "https://lkml.org/lkml/2015/12/14/252"}], "sourceIdentifier": "security@opentext.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: Information leak from getsockname", "id": "1292045", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292045"}, "csaw": false, "cvss": {"cvss_base_score": "1.7", "cvss_scoring_vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "status": "draft"}, "cwe": "CWE-125", "details": ["The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.", "An out-of-bounds flaw was found in the kernel, where the length of the sockaddr parameter was not checked in the pptp_bind() and pptp_connect() functions. As a result, more kernel memory was copied out than required, leaking information from the kernel stack (including kernel addresses). A local system user could exploit this flaw to bypass kernel ASLR or leak other information."], "name": "CVE-2015-8569", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Will not fix", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2015-12-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-8569\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-8569"], "statement": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 as the code with the flaw is not present in the products listed.\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Low"}