1. Home
  2. Vulnerabilities
  3. CVE-2015-1420

CVE-2015-1420

CVSS v2.0 1.9 (Low)
19% Progress
EPSS 0.04 % (11th)
0.04% Progress
Affected Products 2
Advisories 25
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.

Weaknesses
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2015-03-16 10:59:06
(9 years ago)
Updated Date
2016-12-28 02:59:03
(7 years ago)

Affected Products

Debian

Linux

Configuration #1

    CPE23 From Up To
  Debian Linux 7.0 cpe:2.3:o:debian:debian_linux:7.0

Configuration #2

    CPE23 From Up To
  Linux Kernel 3.18.9 and prior versions cpe:2.3:o:linux:linux_kernel <= 3.18.9