Integer overflow in Linux kernel

#VU40637 Integer overflow in Linux kernel

Published: 2015-10-19 | Updated: 2020-08-09

Vulnerability identifier: #VU40637

Vulnerability risk: Medium

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-5707

CWE-ID: CWE-190

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 2.6.0 - 2.6_test9_cvs, 3.0 - 3.0.101, 3.1 - 3.1.10, 3.2 - 3.2.93, 3.3 - 3.3.8, 3.4 - 3.4.113, 3.5 - 3.5.7, 3.6 - 3.6.11, 3.7 - 3.7.10, 3.8 - 3.8.13, 3.9 - 3.9.11, 3.10 - 3.10.107, 3.11 - 3.11.10, 3.12 - 3.12.74, 3.13 - 3.13.11, 3.14 - 3.14.79, 3.15 - 3.15.10, 3.16 - 3.16.58, 3.17 - 3.17.8, 3.18 - 3.18.140, 3.19 - 3.19.8, 4.0 - 4.0.9, 4.1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Integer overflow in Linux kernel