ByteOS Network

Vulnerability Details :

CVE-2015-8543

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-28 Dec, 2015 | 11:00

Updated At-06 Aug, 2024 | 08:20

The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:28 Dec, 2015 | 11:00

Updated At:06 Aug, 2024 | 08:20

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://rhn.redhat.com/errata/RHSA-2016-0855.html	vendor-advisory x_refsource_REDHAT
http://www.securitytracker.com/id/1034892	vdb-entry x_refsource_SECTRACK
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html	x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2886-1	vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2890-3	vendor-advisory x_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory x_refsource_SUSE
http://www.securityfocus.com/bid/79698	vdb-entry x_refsource_BID
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory x_refsource_SUSE
http://www.ubuntu.com/usn/USN-2890-2	vendor-advisory x_refsource_UBUNTU
https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9	x_refsource_CONFIRM
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9	x_refsource_CONFIRM
http://www.debian.org/security/2015/dsa-3426	vendor-advisory x_refsource_DEBIAN
http://www.openwall.com/lists/oss-security/2015/12/09/5	mailing-list x_refsource_MLIST
http://www.ubuntu.com/usn/USN-2890-1	vendor-advisory x_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=1290475	x_refsource_CONFIRM
http://www.debian.org/security/2016/dsa-3434	vendor-advisory x_refsource_DEBIAN
http://www.ubuntu.com/usn/USN-2888-1	vendor-advisory x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory x_refsource_SUSE

Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0855.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.securitytracker.com/id/1034892

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.ubuntu.com/usn/USN-2886-1

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://www.ubuntu.com/usn/USN-2890-3

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-2584.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-2574.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://www.securityfocus.com/bid/79698

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://www.ubuntu.com/usn/USN-2890-2

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9

Resource:

x_refsource_CONFIRM

Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.debian.org/security/2015/dsa-3426

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://www.openwall.com/lists/oss-security/2015/12/09/5

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://www.ubuntu.com/usn/USN-2890-1

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1290475

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.debian.org/security/2016/dsa-3434

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://www.ubuntu.com/usn/USN-2888-1

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html

Resource:

vendor-advisory

x_refsource_SUSE

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://rhn.redhat.com/errata/RHSA-2016-0855.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.securitytracker.com/id/1034892	vdb-entry x_refsource_SECTRACK x_transferred
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html	x_refsource_CONFIRM x_transferred
http://www.ubuntu.com/usn/USN-2886-1	vendor-advisory x_refsource_UBUNTU x_transferred
http://www.ubuntu.com/usn/USN-2890-3	vendor-advisory x_refsource_UBUNTU x_transferred
http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory x_refsource_REDHAT x_transferred
http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory x_refsource_REDHAT x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory x_refsource_SUSE x_transferred
http://www.securityfocus.com/bid/79698	vdb-entry x_refsource_BID x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory x_refsource_SUSE x_transferred
http://www.ubuntu.com/usn/USN-2890-2	vendor-advisory x_refsource_UBUNTU x_transferred
https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9	x_refsource_CONFIRM x_transferred
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9	x_refsource_CONFIRM x_transferred
http://www.debian.org/security/2015/dsa-3426	vendor-advisory x_refsource_DEBIAN x_transferred
http://www.openwall.com/lists/oss-security/2015/12/09/5	mailing-list x_refsource_MLIST x_transferred
http://www.ubuntu.com/usn/USN-2890-1	vendor-advisory x_refsource_UBUNTU x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1290475	x_refsource_CONFIRM x_transferred
http://www.debian.org/security/2016/dsa-3434	vendor-advisory x_refsource_DEBIAN x_transferred
http://www.ubuntu.com/usn/USN-2888-1	vendor-advisory x_refsource_UBUNTU x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory x_refsource_SUSE x_transferred

Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0855.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.securitytracker.com/id/1034892

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.ubuntu.com/usn/USN-2886-1

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://www.ubuntu.com/usn/USN-2890-3

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-2584.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-2574.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://www.securityfocus.com/bid/79698

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://www.ubuntu.com/usn/USN-2890-2

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.debian.org/security/2015/dsa-3426

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: http://www.openwall.com/lists/oss-security/2015/12/09/5

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://www.ubuntu.com/usn/USN-2890-1

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1290475

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.debian.org/security/2016/dsa-3434

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: http://www.ubuntu.com/usn/USN-2888-1

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:28 Dec, 2015 | 11:59

Updated At:12 Apr, 2025 | 10:46

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.0	HIGH	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	6.9	MEDIUM	AV:L/AC:M/Au:N/C:C/I:C/A:C

Type: Primary

Version: 3.1

Base score: 7.0

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 6.9

Base severity: MEDIUM

Vector:

AV:L/AC:M/Au:N/C:C/I:C/A:C

CPE Matches

Linux Kernel Organization, Inc

>>linux_kernel>>Versions before 3.2.75(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 3.3(inclusive) to 3.4.111(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 3.5(inclusive) to 3.10.95(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 3.11(inclusive) to 3.12.52(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 3.13(inclusive) to 3.14.59(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 3.15(inclusive) to 3.16.35(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 3.17(inclusive) to 3.18.26(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 3.19(inclusive) to 4.1.16(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 4.2(inclusive) to 4.3.4(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

Evaluator Description

CWE-476: NULL Pointer Dereference

References

Hyperlink	Source	Resource
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9	cve@mitre.org	Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	cve@mitre.org	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	cve@mitre.org	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	cve@mitre.org	Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0855.html	cve@mitre.org	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2574.html	cve@mitre.org	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2584.html	cve@mitre.org	Third Party Advisory
http://www.debian.org/security/2015/dsa-3426	cve@mitre.org	Third Party Advisory
http://www.debian.org/security/2016/dsa-3434	cve@mitre.org	Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/12/09/5	cve@mitre.org	Mailing List Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html	cve@mitre.org	Third Party Advisory
http://www.securityfocus.com/bid/79698	cve@mitre.org	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034892	cve@mitre.org	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2886-1	cve@mitre.org	Third Party Advisory
http://www.ubuntu.com/usn/USN-2888-1	cve@mitre.org	Third Party Advisory
http://www.ubuntu.com/usn/USN-2890-1	cve@mitre.org	Third Party Advisory
http://www.ubuntu.com/usn/USN-2890-2	cve@mitre.org	Third Party Advisory
http://www.ubuntu.com/usn/USN-2890-3	cve@mitre.org	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1290475	cve@mitre.org	Issue Tracking Third Party Advisory
https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9	cve@mitre.org	Vendor Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0855.html	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2574.html	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2584.html	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.debian.org/security/2015/dsa-3426	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.debian.org/security/2016/dsa-3434	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/12/09/5	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.securityfocus.com/bid/79698	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034892	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2886-1	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.ubuntu.com/usn/USN-2888-1	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.ubuntu.com/usn/USN-2890-1	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.ubuntu.com/usn/USN-2890-2	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.ubuntu.com/usn/USN-2890-3	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1290475	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Third Party Advisory
https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory

Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html

Source: cve@mitre.org

Resource:

Mailing List

Third Party Advisory

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html

Source: cve@mitre.org

Resource:

Mailing List

Third Party Advisory

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

Source: cve@mitre.org

Resource:

Mailing List

Third Party Advisory

Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0855.html

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-2574.html

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-2584.html

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: http://www.debian.org/security/2015/dsa-3426

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: http://www.debian.org/security/2016/dsa-3434

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: http://www.openwall.com/lists/oss-security/2015/12/09/5

Source: cve@mitre.org

Resource:

Mailing List

Third Party Advisory

Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: http://www.securityfocus.com/bid/79698

Source: cve@mitre.org

Resource:

Third Party Advisory

VDB Entry

Hyperlink: http://www.securitytracker.com/id/1034892

Source: cve@mitre.org

Resource:

Third Party Advisory

VDB Entry

Hyperlink: http://www.ubuntu.com/usn/USN-2886-1

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: http://www.ubuntu.com/usn/USN-2888-1

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: http://www.ubuntu.com/usn/USN-2890-1

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: http://www.ubuntu.com/usn/USN-2890-2

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: http://www.ubuntu.com/usn/USN-2890-3

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1290475

Source: cve@mitre.org

Resource:

Issue Tracking

Third Party Advisory

Hyperlink: https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9