Home CVE Database CVE-2015-8569

CVE-2015-8569

Description

The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

Priority: Low
CVSS v3: 2.3
Publish Date: Dec 28, 2015
Related ID: --
CVSS v2: Low
Modified Date: Dec 28, 2015

Find out more about CVE-2015-8569 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

linux

Live chat
Online