CVE-2015-1805
First published: Tue Mar 17 2015(Updated: )
A flaw was found in the way pipe_iov_copy_from_user() and pipe_iov_copy_to_user() functions handled iovecs remaining len accounting on failed atomic access. An unprivileged local user could this flaw to crash the system or, potentially, escalate their privileges on the system. Upstream fixes: <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045">http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045</a> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1">http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1</a> Acknowledgements: The security impact of this issue was discovered by Red Hat.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | =4.4.3 | |
| Android | =5.0.1 | |
| Android | =5.1 | |
| Android | =5.1.1 | |
| Android | =6.0 | |
| Linux kernel | <=3.15.10 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.133-1 6.12.21-1 6.12.22-1 | |
| Linux Kernel | <=3.15.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securitytracker.com/id/1032454
- http://www.securityfocus.com/bid/74951
- http://www.debian.org/security/2015/dsa-3290
- https://bugzilla.redhat.com/show_bug.cgi?id=1202855
- http://rhn.redhat.com/errata/RHSA-2015-1042.html
- http://rhn.redhat.com/errata/RHSA-2015-1081.html
- http://rhn.redhat.com/errata/RHSA-2015-1082.html
- http://rhn.redhat.com/errata/RHSA-2015-1120.html
- http://rhn.redhat.com/errata/RHSA-2015-1137.html
- http://rhn.redhat.com/errata/RHSA-2015-1138.html
- http://rhn.redhat.com/errata/RHSA-2015-1190.html
- http://rhn.redhat.com/errata/RHSA-2015-1199.html
- http://rhn.redhat.com/errata/RHSA-2015-1211.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
- http://www.ubuntu.com/usn/USN-2679-1
- http://www.ubuntu.com/usn/USN-2680-1
- http://www.ubuntu.com/usn/USN-2681-1
- http://www.ubuntu.com/usn/USN-2967-1
- http://www.ubuntu.com/usn/USN-2967-2
- http://www.openwall.com/lists/oss-security/2015/06/06/2
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045
- http://source.android.com/security/bulletin/2016-04-02.html
- http://source.android.com/security/bulletin/2016-05-01.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1
- https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045
- https://launchpad.net/bugs/cve/CVE-2015-1805
- https://rhn.redhat.com/errata/RHSA-2015-1042.html
- https://rhn.redhat.com/errata/RHSA-2015-1082.html
- https://rhn.redhat.com/errata/RHSA-2015-1081.html
- https://rhn.redhat.com/errata/RHSA-2015-1120.html
- https://rhn.redhat.com/errata/RHSA-2015-1139.html
- https://rhn.redhat.com/errata/RHSA-2015-1138.html
- https://rhn.redhat.com/errata/RHSA-2015-1137.html
- https://rhn.redhat.com/errata/RHSA-2015-1190.html
- https://rhn.redhat.com/errata/RHSA-2015-1199.html
- https://rhn.redhat.com/errata/RHSA-2015-1211.html
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1
- https://security-tracker.debian.org/tracker/CVE-2015-1805
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805
- https://nvd.nist.gov/vuln/detail/CVE-2015-1805
- https://ubuntu.com/security/CVE-2015-1805
Frequently Asked Questions
What is the severity of CVE-2015-1805?
CVE-2015-1805 is classified as a high severity vulnerability due to its potential to allow local privilege escalation or system crashes.
How do I fix CVE-2015-1805?
To fix CVE-2015-1805, upgrade to the patched versions of the Linux kernel or Android OS specified by the vendors.
Who is affected by CVE-2015-1805?
CVE-2015-1805 affects unprivileged local users on systems running vulnerable versions of the Linux kernel and specific versions of Android.
What types of systems are impacted by CVE-2015-1805?
CVE-2015-1805 impacts both Linux operating systems and Google Android versions 4.4.3 to 6.0.
Can CVE-2015-1805 lead to unauthorized access?
Yes, CVE-2015-1805 can potentially allow an attacker to escalate their privileges and gain unauthorized access to the system.
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2015-1805
- agent/weakness
- agent/severity
- agent/remedy
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- agent/last-modified-date
- agent/trending
- agent/source
- agent/event
- agent/author
- agent/tags
- agent/softwarecombine
- collector/security-tracker-debian
- source/Debian
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- package-manager/debian
- vendor/google
- canonical/android
- version/android/4.4.3
- version/android/5.0.1
- version/android/5.1
- version/android/5.1.1
- version/android/6.0
- vendor/linux
- canonical/linux kernel
- version/linux kernel/3.15.10