{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-12-16T00:00:00", "descriptions": [{"lang": "en", "value": "The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-01-06T16:16:03", "orgId": "f81092c5-7f14-476d-80dc-24857f90be84", "shortName": "microfocus"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292840"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4"}, {"name": "[oss-security] 20151216 Re: CVE Request: Linux Kernel: information leak from getsockname", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/12/16/3"}, {"name": "USN-2886-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2886-1"}, {"name": "USN-2890-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2890-3"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/5233252fce714053f0151680933571a2da9cbfb4"}, {"name": "SUSE-SU-2016:1102", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4"}, {"name": "79724", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/79724"}, {"name": "FEDORA-2016-5d43766e33", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"}, {"name": "SUSE-SU-2016:2074", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"}, {"name": "USN-2890-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2890-2"}, {"name": "USN-2890-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2890-1"}, {"name": "DSA-3434", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3434"}, {"name": "USN-2888-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2888-1"}, {"name": "SUSE-SU-2016:0911", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@microfocus.com", "ID": "CVE-2015-8575", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1292840", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292840"}, {"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4", "refsource": "CONFIRM", "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4"}, {"name": "[oss-security] 20151216 Re: CVE Request: Linux Kernel: information leak from getsockname", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/12/16/3"}, {"name": "USN-2886-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2886-1"}, {"name": "USN-2890-3", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2890-3"}, {"name": "https://github.com/torvalds/linux/commit/5233252fce714053f0151680933571a2da9cbfb4", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/5233252fce714053f0151680933571a2da9cbfb4"}, {"name": "SUSE-SU-2016:1102", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"}, {"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4", "refsource": "CONFIRM", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4"}, {"name": "79724", "refsource": "BID", "url": "http://www.securityfocus.com/bid/79724"}, {"name": "FEDORA-2016-5d43766e33", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"}, {"name": "SUSE-SU-2016:2074", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"}, {"name": "USN-2890-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2890-2"}, {"name": "USN-2890-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2890-1"}, {"name": "DSA-3434", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3434"}, {"name": "USN-2888-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2888-1"}, {"name": "SUSE-SU-2016:0911", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T08:20:43.539Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292840"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4"}, {"name": "[oss-security] 20151216 Re: CVE Request: Linux Kernel: information leak from getsockname", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2015/12/16/3"}, {"name": "USN-2886-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2886-1"}, {"name": "USN-2890-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2890-3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/5233252fce714053f0151680933571a2da9cbfb4"}, {"name": "SUSE-SU-2016:1102", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4"}, {"name": "79724", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/79724"}, {"name": "FEDORA-2016-5d43766e33", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"}, {"name": "SUSE-SU-2016:2074", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"}, {"name": "USN-2890-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2890-2"}, {"name": "USN-2890-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2890-1"}, {"name": "DSA-3434", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3434"}, {"name": "USN-2888-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2888-1"}, {"name": "SUSE-SU-2016:0911", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"}]}]}, "cveMetadata": {"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84", "assignerShortName": "microfocus", "cveId": "CVE-2015-8575", "datePublished": "2016-02-08T02:00:00", "dateReserved": "2015-12-16T00:00:00", "dateUpdated": "2024-08-06T08:20:43.539Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "35E3DC8E-8900-4874-A272-E3EC1174360B", "versionEndIncluding": "4.3.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application."}, {"lang": "es", "value": "La funci\u00f3n sco_sock_bind en net/bluetooth/sco.c en el kernel de Linux en versiones anteriores a 4.3.4 no verifica la longitud de una direcci\u00f3n, lo que permite a usuarios locales obtener informaci\u00f3n sensible de la memoria del kernel y eludir el mecanismo de protecci\u00f3n KASLR a trav\u00e9s de una aplicaci\u00f3n manipulada."}], "id": "CVE-2015-8575", "lastModified": "2023-11-07T02:28:33.910", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-02-08T03:59:04.887", "references": [{"source": "security@opentext.com", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4"}, {"source": "security@opentext.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"}, {"source": "security@opentext.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"}, {"source": "security@opentext.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"}, {"source": "security@opentext.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"}, {"source": "security@opentext.com", "url": "http://www.debian.org/security/2016/dsa-3434"}, {"source": "security@opentext.com", "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4"}, {"source": "security@opentext.com", "url": "http://www.openwall.com/lists/oss-security/2015/12/16/3"}, {"source": "security@opentext.com", "url": "http://www.securityfocus.com/bid/79724"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-2886-1"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-2888-1"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-2890-1"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-2890-2"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-2890-3"}, {"source": "security@opentext.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292840"}, {"source": "security@opentext.com", "url": "https://github.com/torvalds/linux/commit/5233252fce714053f0151680933571a2da9cbfb4"}], "sourceIdentifier": "security@opentext.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: information leak in sco_sock_bind()", "id": "1292840", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292840"}, "csaw": false, "cvss": {"cvss_base_score": "1.9", "cvss_scoring_vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "status": "draft"}, "cwe": "CWE-125", "details": ["The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.", "An out-of-bounds flaw was found in the kernel, where the sco_sock_bind() function (bluetooth/sco) did not check the length of its sockaddr parameter. As a result, more kernel memory was copied out than required, leaking information from the kernel stack (including kernel addresses). A local user could exploit this flaw to bypass kernel ASLR or leak other information."], "name": "CVE-2015-8575", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Will not fix", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2015-12-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-8575\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-8575"], "statement": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and MRG-2. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Low"}