Oval Definition:	oval:com.ubuntu.precise:def:20151420000
Revision Date: 2015-03-16 Version: 1 Title: CVE-2015-1420 on Ubuntu 12.04 LTS (precise) - medium. Description: Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function. A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensative memory locations. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-1420 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information The 'linux' package in precise was vulnerable but has been fixed (note: '3.2.0-87.125'). OR The 'linux-armadaxp' package in precise was vulnerable but has been fixed (note: '3.2.0-1653.74'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'was needed now end-of-life'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'was needs-triage now end-of-life'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'was needed now end-of-life'). OR The 'linux-lts-trusty' package in precise was vulnerable but has been fixed (note: '3.13.0-57.95~precise1'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR The 'linux-ti-omap4' package in precise was vulnerable but has been fixed (note: '3.2.0-1467.88').
BACK