| Revision Date: | 2015-12-28 | Version: | 1 | | Title: | CVE-2015-7885 on Ubuntu 12.04 LTS (precise) - low. | | Description: | The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application. It was discovered that the driver for Digi Neo and ClassicBoard devices did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2015-7885
| | Platform(s): | Ubuntu 12.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 12.04 LTS (precise) is installed. AND Package Information
NOT While related to the CVE in some way, the 'linux' package in precise is not affected.
OR NOT While related to the CVE in some way, the 'linux-armadaxp' package in precise is not affected.
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'was needs-triage now end-of-life').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'end-of-life').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'was needs-triage now end-of-life').
OR The 'linux-lts-trusty' package in precise was vulnerable but has been fixed (note: '3.13.0-73.116~precise1').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR NOT While related to the CVE in some way, the 'linux-ti-omap4' package in precise is not affected.
|
|