CVE-2015-8956 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.1 MEDIUM	LOCAL	LOW	LOW	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: 6%

Affected Products (NVD)

Vendor	Product	Version
linux	linux_kernel	𝑥 ≤ 4.1.33
google	android	𝑥 ≤ 7.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.106-3 fixed
bookworm (security)	6.1.112-1 fixed
bullseye	5.10.223-1 fixed
bullseye (security)	5.10.226-1 fixed
sid	6.11.6-1 fixed
trixie	6.11.5-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

linux

artful	not-affected
precise	not-affected
trusty	not-affected
xenial	not-affected
yakkety	not-affected
zesty	not-affected

linux-armadaxp

artful	dne
precise	not-affected
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-aws

artful	dne
precise	dne
trusty	not-affected
xenial	not-affected
yakkety	dne
zesty	dne

linux-azure

artful	dne
trusty	not-affected
xenial	not-affected
yakkety	dne
zesty	dne

linux-euclid

artful	dne
trusty	dne
xenial	not-affected
zesty	dne

linux-flo

artful	dne
precise	dne
trusty	dne
xenial	not-affected
yakkety	not-affected
zesty	dne

linux-gcp

artful	dne
trusty	dne
xenial	not-affected
yakkety	dne
zesty	dne

linux-gke

artful	dne
precise	dne
trusty	dne
xenial	not-affected
yakkety	dne
zesty	dne

linux-goldfish

artful	dne
precise	dne
trusty	dne
xenial	not-affected
yakkety	not-affected
zesty	not-affected

linux-grouper

artful	dne
precise	dne
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-hwe

artful	dne
precise	dne
trusty	dne
xenial	not-affected
yakkety	dne
zesty	dne

linux-hwe-edge

artful	dne
precise	dne
trusty	dne
xenial	not-affected
yakkety	dne
zesty	dne

linux-kvm

artful	dne
trusty	dne
xenial	not-affected
zesty	dne

linux-linaro-omap

artful	dne
precise	ignored
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-linaro-shared

artful	dne
precise	ignored
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-linaro-vexpress

artful	dne
precise	ignored
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-lts-quantal

artful	dne
precise	ignored
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-lts-raring

artful	dne
precise	ignored
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-lts-saucy

artful	dne
precise	ignored
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-lts-trusty

artful	dne
precise	not-affected
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-lts-utopic

artful	dne
precise	dne
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-lts-vivid

artful	dne
precise	dne
trusty	ignored
xenial	dne
yakkety	dne
zesty	dne

linux-lts-wily

artful	dne
precise	dne
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-lts-xenial

artful	dne
precise	dne
trusty	not-affected
xenial	dne
yakkety	dne
zesty	dne

linux-maguro

artful	dne
precise	dne
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-mako

artful	dne
precise	dne
trusty	dne
xenial	not-affected
yakkety	not-affected
zesty	dne

linux-manta

artful	dne
precise	dne
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-oem

artful	dne
trusty	dne
xenial	not-affected
zesty	dne

linux-qcm-msm

artful	dne
precise	ignored
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

linux-raspi2

artful	not-affected
precise	dne
trusty	dne
xenial	not-affected
yakkety	not-affected
zesty	not-affected

linux-snapdragon

artful	not-affected
precise	dne
trusty	dne
xenial	not-affected
yakkety	not-affected
zesty	not-affected

linux-ti-omap4

artful	dne
precise	not-affected
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

openSUSE / SLES Releases

openSUSE Product

Release

kernel-default

suse enterprise sap 12 SP1	3.12.67-60.64.18.1 fixed
suse enterprise server 12	3.12.61-52.66.1 fixed
suse enterprise server 12 SP1	3.12.67-60.64.18.1 fixed

kernel-default-base

suse enterprise sap 12 SP1	3.12.67-60.64.18.1 fixed
suse enterprise server 12	3.12.61-52.66.1 fixed
suse enterprise server 12 SP1	3.12.67-60.64.18.1 fixed

kernel-default-man

suse enterprise sap 12 SP1	3.12.67-60.64.18.1 fixed
suse enterprise server 12	3.12.61-52.66.1 fixed
suse enterprise server 12 SP1	3.12.67-60.64.18.1 fixed

kernel-ec2

suse enterprise sap 12	3.12.67-60.64.18.1 fixed
suse enterprise sap 12 SP3	3.12.67-60.64.18.1 fixed
suse enterprise sap 12 SP4	3.12.67-60.64.18.1 fixed
suse enterprise sap 12 SP5	3.12.67-60.64.18.1 fixed
suse enterprise server 12	3.12.67-60.64.18.1 fixed
suse enterprise server 12 SP3	3.12.67-60.64.18.1 fixed
suse enterprise server 12 SP4	3.12.67-60.64.18.1 fixed
suse enterprise server 12 SP5	3.12.67-60.64.18.1 fixed

kernel-ec2-extra

suse enterprise sap 12	3.12.67-60.64.18.1 fixed
suse enterprise sap 12 SP3	3.12.67-60.64.18.1 fixed
suse enterprise sap 12 SP4	3.12.67-60.64.18.1 fixed
suse enterprise sap 12 SP5	3.12.67-60.64.18.1 fixed
suse enterprise server 12	3.12.67-60.64.18.1 fixed
suse enterprise server 12 SP3	3.12.67-60.64.18.1 fixed
suse enterprise server 12 SP4	3.12.67-60.64.18.1 fixed
suse enterprise server 12 SP5	3.12.67-60.64.18.1 fixed

kernel-macros

suse enterprise sap 12 SP1	3.12.67-60.64.18.1 fixed
suse enterprise server 12	3.12.61-52.66.1 fixed
suse enterprise server 12 SP1	3.12.67-60.64.18.1 fixed

kernel-source

suse enterprise sap 12 SP1	3.12.67-60.64.18.1 fixed
suse enterprise server 12	3.12.61-52.66.1 fixed
suse enterprise server 12 SP1	3.12.67-60.64.18.1 fixed

kernel-syms

suse enterprise sap 12 SP1	3.12.67-60.64.18.1 fixed
suse enterprise server 12	3.12.61-52.66.1 fixed
suse enterprise server 12 SP1	3.12.67-60.64.18.1 fixed

kernel-xen

suse enterprise sap 12 SP1	3.12.67-60.64.18.1 fixed
suse enterprise server 12	3.12.61-52.66.1 fixed
suse enterprise server 12 SP1	3.12.67-60.64.18.1 fixed

kernel-xen-base

suse enterprise sap 12 SP1	3.12.67-60.64.18.1 fixed
suse enterprise server 12	3.12.61-52.66.1 fixed
suse enterprise server 12 SP1	3.12.67-60.64.18.1 fixed

kgraft-patch-3_12_61-52_66-default-1

suse enterprise server 12

2.1

fixed

kgraft-patch-3_12_61-52_66-xen-1

suse enterprise server 12

2.1

fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

kernel

RHEL 7

0:3.10.0-514.el7

fixed

kernel-abi-whitelists

RHEL 7

0:3.10.0-514.el7

fixed

kernel-bootwrapper

RHEL 7

0:3.10.0-514.el7

fixed

kernel-debug

RHEL 7

0:3.10.0-514.el7

fixed

kernel-debug-devel

RHEL 7

0:3.10.0-514.el7

fixed

kernel-devel

RHEL 7

0:3.10.0-514.el7

fixed

kernel-doc

RHEL 7

0:3.10.0-514.el7

fixed

kernel-headers

RHEL 7

0:3.10.0-514.el7

fixed

kernel-kdump

RHEL 7

0:3.10.0-514.el7

fixed

kernel-kdump-devel

RHEL 7

0:3.10.0-514.el7

fixed

kernel-rt

RHEL 7

0:3.10.0-514.rt56.420.el7

fixed

kernel-rt-debug

RHEL 7

0:3.10.0-514.rt56.420.el7

fixed

kernel-rt-debug-devel

RHEL 7

0:3.10.0-514.rt56.420.el7

fixed

kernel-rt-debug-kvm

RHEL 7

0:3.10.0-514.rt56.420.el7

fixed

kernel-rt-devel

RHEL 7

0:3.10.0-514.rt56.420.el7

fixed

kernel-rt-doc

RHEL 7

0:3.10.0-514.rt56.420.el7

fixed

kernel-rt-kvm

RHEL 7

0:3.10.0-514.rt56.420.el7

fixed

kernel-rt-trace

RHEL 7

0:3.10.0-514.rt56.420.el7

fixed

kernel-rt-trace-devel

RHEL 7

0:3.10.0-514.rt56.420.el7

fixed

kernel-rt-trace-kvm

RHEL 7

0:3.10.0-514.rt56.420.el7

fixed

kernel-tools

RHEL 7

0:3.10.0-514.el7

fixed

kernel-tools-libs

RHEL 7

0:3.10.0-514.el7

fixed

kernel-tools-libs-devel

RHEL 7

0:3.10.0-514.el7

fixed

perf

RHEL 7

0:3.10.0-514.el7

fixed

python-perf

RHEL 7

0:3.10.0-514.el7

fixed

Common Weakness Enumeration

CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=951b6a0717db97ce420547222647bcc40bf1eacd

http://rhn.redhat.com/errata/RHSA-2016-2574.html

http://rhn.redhat.com/errata/RHSA-2016-2584.html

http://source.android.com/security/bulletin/2016-10-01.html

http://www.securityfocus.com/bid/93326

https://github.com/torvalds/linux/commit/951b6a0717db97ce420547222647bcc40bf1eacd

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=951b6a0717db97ce420547222647bcc40bf1eacd

http://rhn.redhat.com/errata/RHSA-2016-2574.html

http://rhn.redhat.com/errata/RHSA-2016-2584.html

http://source.android.com/security/bulletin/2016-10-01.html

http://www.securityfocus.com/bid/93326

https://github.com/torvalds/linux/commit/951b6a0717db97ce420547222647bcc40bf1eacd