CVE-2015-5707 - OpenCVE

Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Suse	Suse Linux Enterprise Desktop Suse Linux Enterprise Server
Canonical	Ubuntu Linux
Debian	Debian Linux
Linux	Linux Kernel

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*

Configuration 4 [-]

OR	cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3::::::
	cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:::ltss:::*
	cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3::::::
	cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3::::vmware::*

References

Link	Resource
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=451a2886b6bf90e2fb378f7c46c655450fb96e81	Patch Vendor Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdc81f45e9f57858da6351836507fbcf1b7583ee	Patch Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00026.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00027.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00028.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00029.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00030.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00031.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00032.html	Mailing List Third Party Advisory
http://www.debian.org/security/2015/dsa-3329	Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/08/01/6	Mailing List Third Party Advisory
http://www.securityfocus.com/bid/76145	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033521	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2733-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2734-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2737-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2738-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2750-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2759-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2760-1	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1250030	Issue Tracking Third Party Advisory
https://github.com/torvalds/linux/commit/451a2886b6bf90e2fb378f7c46c655450fb96e81	Patch Third Party Advisory
https://github.com/torvalds/linux/commit/fdc81f45e9f57858da6351836507fbcf1b7583ee	Patch Third Party Advisory
https://source.android.com/security/bulletin/2017-07-01	Third Party Advisory