SB2015091701 - Multiple vulnerabilities in Linux Kernel



SB2015091701 - Multiple vulnerabilities in Linux Kernel

Published: September 17, 2015 Updated: April 27, 2018

Security Bulletin ID SB2015091701
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 vulnerabilities.


1) NULL pointer dereference (CVE-ID: CVE-2017-15116)

CWE-ID: CWE-476 - NULL Pointer Dereference

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists in the rngapi_reset function in crypto/rng.c due to NULL pointer dereference. A local attacker can cause the service to crash.

2) Uncontrolled memory allocation (CVE-ID: CVE-2017-9725)

CWE-ID: CWE-789 - Uncontrolled Memory Allocation

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local attacker to case DoS condition or gain elevated privileges on the target system.

The weakness exists in all Qualcomm products with Android releases from CAF during DMA allocation due to wrong data type of size allocation size gets truncated which makes allocation succeed when it should fail. A local attacker can cause the service to crash or gain root privileges.

Remediation

Install update from vendor's website.