Executive Summary

Informations
NameCVE-2015-9289First vendor Publication2019-07-27
VendorCveLast vendor Modification2019-07-31

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9289

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Os2026

Sources (Detail)

SourceUrl
MISC https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f...
https://github.com/torvalds/linux/commit/1fa2337a315a2448c5434f41e00d56b01a22...
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2019-08-01 05:18:46
  • Multiple Updates
2019-07-29 05:19:15
  • Multiple Updates
2019-07-28 05:18:43
  • First insertion