1. Home
  2. Vulnerabilities
  3. CVE-2015-7613

CVE-2015-7613

CVSS v2.0 6.9 (Medium)
69% Progress
EPSS 0.04 % (11th)
0.04% Progress
Affected Products 1
Advisories 28
NVD Status Analyzed
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.

Weaknesses
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Related CVEs
CVE Status
PUBLISHED
NVD Status
Analyzed
CNA
MITRE
Published Date
2015-10-19 10:59:08
(9 years ago)
Updated Date
2024-07-17 15:30:18
(2 months ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel prior 3.2.72 version cpe:2.3:o:linux:linux_kernel < 3.2.72
  Linux Kernel from 3.3 version and prior 3.4.111 version cpe:2.3:o:linux:linux_kernel >= 3.3 < 3.4.111
  Linux Kernel from 3.5 version and prior 3.10.91 version cpe:2.3:o:linux:linux_kernel >= 3.5 < 3.10.91
  Linux Kernel from 3.11 version and prior 3.12.50 version cpe:2.3:o:linux:linux_kernel >= 3.11 < 3.12.50
  Linux Kernel from 3.13 version and prior 3.14.55 version cpe:2.3:o:linux:linux_kernel >= 3.13 < 3.14.55
  Linux Kernel from 3.15 version and prior 3.16.35 version cpe:2.3:o:linux:linux_kernel >= 3.15 < 3.16.35
  Linux Kernel from 3.17 version and prior 3.18.23 version cpe:2.3:o:linux:linux_kernel >= 3.17 < 3.18.23
  Linux Kernel from 3.19 version and prior 4.1.11 version cpe:2.3:o:linux:linux_kernel >= 3.19 < 4.1.11
  Linux Kernel from 4.2 version and prior 4.2.4 version cpe:2.3:o:linux:linux_kernel >= 4.2 < 4.2.4