Vulnerability Name:

CVE-2015-9289 (CCN-166876)

Assigned: 2015-04-29
Published: 2015-04-29
Updated: 2019-12-11
Summary: In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.

CVSS v3 Severity:
5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:
Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:
Scope (S): Unchanged
Impact Metrics:
Confidentiality (C): High
Integrity (I): None
Availability (A): None

9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:
Scope (S): Unchanged
Impact Metrics:
Confidentiality (C): High
Integrity (I): High
Availability (A): High

3.3 Low (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
2.9 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:
Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:
Scope (S): Unchanged
Impact Metrics:
Confidentiality (C): Low
Integrity (I): None
Availability (A): None

CVSS v2 Severity:
4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N)
Exploitability Metrics:
Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:
Confidentiality (C): Complete
Integrity (I): None
Availability (A): None

10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:
Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:
Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete

Vulnerability Type:
CWE-125
CWE-120
Vulnerability Consequences: Gain Access

References:
Source: MITRE
Type: CNA
CVE-2015-9289

Source: XF
Type: UNKNOWN
linux-kernel-cve20159289-bo(166876)

Source: MISC
Type: Patch, Vendor Advisory
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fa2337a315a2448c5434f41e00d56b01a22283c

Source: CCN
Type: Linux Kernel GIT Repository
[media] cx24116: fix a buffer overflow when checking userspace params

Source: MISC
Type: Patch, Vendor Advisory
https://github.com/torvalds/linux/commit/1fa2337a315a2448c5434f41e00d56b01a22283c

Source: MISC
Type: Release Notes
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4

Source: CCN
Type: IBM Security Bulletin 6335281 (Data Risk Manager)
IBM Data Risk Manager is affected by multiple vulnerabilities

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2015-9289

Vulnerable Configuration:
Configuration 1:
  • cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:* (Version < 4.1.4)

Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration RedHat 6:
  • cpe:/a:redhat:rhel_extras_rt:7:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/o:linux:linux_kernel:4.1:-:*:*:*:*:*:*
  AND
  • cpe:/a:ibm:data_risk_manager:2.0.6:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20159289 | V | CVE-2015-9289 | 2022-09-02
oval:org.opensuse.security:def:33108 | P | Security update for java-1_7_1-ibm (Moderate) (in QA) | 2022-01-04
oval:org.opensuse.security:def:34015 | P | Security update for log4j (Important) | 2021-12-17
oval:org.opensuse.security:def:33051 | P | Security update for ruby2.1 (Important) | 2021-12-01
oval:org.opensuse.security:def:30276 | P | Security update for clamav (Moderate) | 2021-12-01
oval:org.opensuse.security:def:31312 | P | Security update for java-1_7_0-openjdk (Important) | 2021-11-24
oval:org.opensuse.security:def:31291 | P | Security update for util-linux (Moderate) | 2021-10-19
oval:org.opensuse.security:def:34562 | P | Security update for the Linux Kernel (Important) | 2021-10-12
oval:org.opensuse.security:def:33726 | P | Security update for apache2 (Important) | 2021-10-06
oval:org.opensuse.security:def:34551 | P | Security update for atftp (Moderate) | 2021-09-27
oval:org.opensuse.security:def:34550 | P | Security update for sqlite3 (Important) | 2021-09-23
oval:org.opensuse.security:def:33958 | P | Security update for fetchmail (Moderate) | 2021-08-18
oval:org.opensuse.security:def:30221 | P | Security update for arpwatch (Important) | 2021-06-28
oval:org.opensuse.security:def:33940 | P | Security update for arpwatch (Important) | 2021-06-28
oval:org.opensuse.security:def:34476 | P | Security update for openexr (Important) | 2021-06-24
oval:org.opensuse.security:def:31203 | P | Security update for apache2 (Important) | 2021-06-17
oval:org.opensuse.security:def:36084 | P | apache2-mod_nss-1.0.8-0.4.13.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:34432 | P | Security update for python3 (Important) | 2021-05-17
oval:org.opensuse.security:def:33901 | P | Security update for cups (Important) | 2021-04-30
oval:org.opensuse.security:def:33643 | P | Security update for cups (Important) | 2021-04-30
oval:org.opensuse.security:def:30068 | P | Security update for tomcat (Important) | 2021-04-29
oval:org.opensuse.security:def:35246 | P | Security update for ImageMagick (Moderate) | 2021-04-20
oval:org.opensuse.security:def:32895 | P | Security update for cifs-utils (Moderate) | 2021-04-13
oval:org.opensuse.security:def:34407 | P | Security update for xorg-x11-server (Important) | 2021-04-13
oval:org.opensuse.security:def:33632 | P | Security update for glibc (Important) | 2021-04-13
oval:org.opensuse.security:def:33631 | P | Security update for spamassassin (Important) | 2021-04-12
oval:org.opensuse.security:def:31147 | P | Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important) | 2021-04-07
oval:org.opensuse.security:def:31356 | P | Security update for python (Moderate) | 2021-03-16
oval:org.opensuse.security:def:34646 | P | Security update for freeradius-server (Low) | 2021-03-04
oval:org.opensuse.security:def:31252 | P | Security update for openvswitch (Important) | 2021-02-02
oval:org.opensuse.security:def:31102 | P | Security update for xen (Moderate) | 2020-12-29
oval:org.opensuse.security:def:28859 | P | Security update for postgresql12 (Important) | 2020-12-04
oval:org.opensuse.security:def:36043 | P | t1lib-5.1.1-100.21.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:34319 | P | Security update for python-setuptools (Important) | 2020-12-02
oval:org.opensuse.security:def:32444 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:35028 | P | Security update for guestfs | 2020-12-01
oval:org.opensuse.security:def:30427 | P | Security update for xorg-x11-libs (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30541 | P | Security update for java-1_7_0-ibm (Important) | 2020-12-01
oval:org.opensuse.security:def:29170 | P | Security update for MozillaFirefox, mozilla-nss (Important) | 2020-12-01
oval:org.opensuse.security:def:29621 | P | Security update for boost | 2020-12-01
oval:org.opensuse.security:def:32751 | P | mutt on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:35295 | P | Security update for libxml2 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30758 | P | Security update for apache2-mod_jk (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29888 | P | Security update for kernel-source (Important) | 2020-12-01
oval:org.opensuse.security:def:29706 | P | Security update for Mozilla Firefox | 2020-12-01
oval:org.opensuse.security:def:35405 | P | Security update for openssh-openssl1 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28434 | P | Security update for wireshark (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30992 | P | Security update for jakarta-taglibs-standard (Important) | 2020-12-01
oval:org.opensuse.security:def:29982 | P | Security update for net-snmp | 2020-12-01
oval:org.opensuse.security:def:33196 | P | libzip1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28718 | P | Security update for kdebase4-runtime | 2020-12-01
oval:org.opensuse.security:def:35154 | P | Security update for kernel-source (Important) | 2020-12-01
oval:org.opensuse.security:def:29011 | P | Security update for graphviz (Low) | 2020-12-01
oval:org.opensuse.security:def:32433 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:34938 | P | Security update for Mozilla Firefox | 2020-12-01
oval:org.opensuse.security:def:30383 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:30540 | P | Security update for java-1_7_0-ibm (Important) | 2020-12-01
oval:org.opensuse.security:def:29153 | P | Security update for libssh2_org (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32657 | P | evince on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30626 | P | Security update for Xen and libvirt | 2020-12-01
oval:org.opensuse.security:def:34261 | P | Security update for postgresql94 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29852 | P | Security update for the Linux Kernel | 2020-12-01
oval:org.opensuse.security:def:29633 | P | Security update for clamav (Moderate) | 2020-12-01
oval:org.opensuse.security:def:35361 | P | Security update for nagios-nrpe (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28423 | P | Security update for wireshark (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30905 | P | Security update for freeradius | 2020-12-01
oval:org.opensuse.security:def:29925 | P | Security update for libgcrypt | 2020-12-01
oval:org.opensuse.security:def:33157 | P | libksba on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28633 | P | Security update for acroread | 2020-12-01
oval:org.opensuse.security:def:35114 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:33263 | P | sudo on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32432 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:34881 | P | Security update for curl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30364 | P | Security update for wireshark (Low) | 2020-12-01
oval:org.opensuse.security:def:33862 | P | Security update for jakarta | 2020-12-01
oval:org.opensuse.security:def:29114 | P | Security update for java-1_7_0-ibm (Important) | 2020-12-01
oval:org.opensuse.security:def:32032 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:32522 | P | gnome-screensaver on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:35187 | P | Security update for kvm (Important) | 2020-12-01
oval:org.opensuse.security:def:31065 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:30552 | P | Security update for lcms | 2020-12-01
oval:org.opensuse.security:def:34104 | P | Security update for mozilla-nspr (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29214 | P | Security update for perl-DBI (Important) | 2020-12-01
oval:org.opensuse.security:def:29622 | P | Security update for bsdtar (Important) | 2020-12-01
oval:org.opensuse.security:def:32808 | P | xorg-x11 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:35334 | P | Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nss (Important) | 2020-12-01
oval:org.opensuse.security:def:28422 | P | Security update for wavpack (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30848 | P | Security update for dhcp (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34368 | P | Security update for tgt | 2020-12-01
oval:org.opensuse.security:def:29838 | P | Security update for kdelibs4 | 2020-12-01
oval:org.opensuse.security:def:28502 | P | Security update for openslp (Important) | 2020-12-01
oval:org.opensuse.security:def:33219 | P | openvpn on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28775 | P | Security update for LibVNCServer (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34782 | P | Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important) | 2020-12-01
oval:org.opensuse.security:def:30325 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29065 | P | Security update for clamav (Important) | 2020-12-01
oval:org.opensuse.security:def:31994 | P | Security update for java-1_7_1-ibm (Important) | 2020-12-01
oval:com.redhat.rhsa:def:20201016 | P | RHSA-2020:1016: kernel security, bug fix, and enhancement update (Moderate) | 2020-03-31
oval:com.redhat.rhsa:def:20201070 | P | RHSA-2020:1070: kernel-rt security and bug fix update (Moderate) | 2020-03-31
oval:com.ubuntu.bionic:def:201592890000000 | V | CVE-2015-9289 on Ubuntu 18.04 LTS (bionic) - medium. | 2019-07-27
oval:com.ubuntu.xenial:def:201592890000000 | V | CVE-2015-9289 on Ubuntu 16.04 LTS (xenial) - medium. | 2019-07-27
oval:com.ubuntu.disco:def:201592890000000 | V | CVE-2015-9289 on Ubuntu 19.04 (disco) - medium. | 2019-07-27
    linux linux kernel *
    linux linux kernel 4.1
    ibm data risk manager 2.0.6