CVE-2015-4002
Published Jun 7, 2015
Last updated 2 years ago
Overview
- Description
- drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 8.5
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF5DF640-26B7-486C-8A1E-C267A58B107F",
"versionEndExcluding": "3.4.109"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ECC7A571-F521-467D-AC01-C14A021C6FB8",
"versionEndExcluding": "3.10.81",
"versionStartIncluding": "3.5"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3098ADB-0836-42D0-8E95-339E1EF3D9F9",
"versionEndExcluding": "3.12.45",
"versionStartIncluding": "3.11"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B57D2217-EBAE-454F-9DE5-D6F27BC21672",
"versionEndExcluding": "3.14.45",
"versionStartIncluding": "3.13"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DC4BA70-B111-4D2E-BC78-6601CED68F08",
"versionEndExcluding": "3.16.35",
"versionStartIncluding": "3.15"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2106A163-2CE8-4976-89C8-0DA83B9609F7",
"versionEndExcluding": "3.18.18",
"versionStartIncluding": "3.17"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "693B47BD-DBFB-451F-948D-93F48D711099",
"versionEndExcluding": "4.0.6",
"versionStartIncluding": "3.19"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"vulnerable": true,
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081"
}
],
"operator": "OR"
}
]
}
]