Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
F5 BIG-IP - SOL17458 - Linux kernel vulnerability CVE-2015-1805
Information
Severity
Severity
High
Family
Family
F5 Local Security Checks
CVSSv2 Base
CVSSv2 Base
7.2
CVSSv2 Vector
CVSSv2 Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
8 years ago
Modified
Modified
5 years ago
Summary
The remote host is missing a security patch.
Insight
Insight
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an 'I/O vector array overrun.' (CVE-2015-1805)
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
See the referenced vendor advisory for a solution.