CVE 2015-8575
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
Related bugs and status
CVE-2015-8575 (Candidate) is related to these bugs:
Bug #1530407: CVE-2015-8575
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1530407 | CVE-2015-8575 | linux (Ubuntu) | Medium | Fix Released | ||
| 1530407 | CVE-2015-8575 | linux-fsl-imx51 (Ubuntu) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-mvl-dove (Ubuntu) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-backport-maverick (Ubuntu) | Undecided | New | ||
| 1530407 | CVE-2015-8575 | linux-lts-backport-natty (Ubuntu) | Undecided | New | ||
| 1530407 | CVE-2015-8575 | linux-ti-omap4 (Ubuntu) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-ec2 (Ubuntu) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux (Ubuntu Xenial) | Medium | Fix Committed | ||
| 1530407 | CVE-2015-8575 | linux-ec2 (Ubuntu Xenial) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-fsl-imx51 (Ubuntu Xenial) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-backport-maverick (Ubuntu Xenial) | Undecided | New | ||
| 1530407 | CVE-2015-8575 | linux-lts-backport-natty (Ubuntu Xenial) | Undecided | New | ||
| 1530407 | CVE-2015-8575 | linux-mvl-dove (Ubuntu Xenial) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-ti-omap4 (Ubuntu Xenial) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux (Ubuntu Wily) | Medium | Fix Released | ||
| 1530407 | CVE-2015-8575 | linux-ec2 (Ubuntu Wily) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-fsl-imx51 (Ubuntu Wily) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-backport-maverick (Ubuntu Wily) | Undecided | New | ||
| 1530407 | CVE-2015-8575 | linux-lts-backport-natty (Ubuntu Wily) | Undecided | New | ||
| 1530407 | CVE-2015-8575 | linux-mvl-dove (Ubuntu Wily) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-ti-omap4 (Ubuntu Wily) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux (Ubuntu Vivid) | Medium | Won't Fix | ||
| 1530407 | CVE-2015-8575 | linux-ec2 (Ubuntu Vivid) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-fsl-imx51 (Ubuntu Vivid) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-backport-maverick (Ubuntu Vivid) | Undecided | New | ||
| 1530407 | CVE-2015-8575 | linux-lts-backport-natty (Ubuntu Vivid) | Undecided | New | ||
| 1530407 | CVE-2015-8575 | linux-mvl-dove (Ubuntu Vivid) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-ti-omap4 (Ubuntu Vivid) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux (Ubuntu Trusty) | Medium | Fix Released | ||
| 1530407 | CVE-2015-8575 | linux-ec2 (Ubuntu Trusty) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-fsl-imx51 (Ubuntu Trusty) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-backport-maverick (Ubuntu Trusty) | Undecided | New | ||
| 1530407 | CVE-2015-8575 | linux-lts-backport-natty (Ubuntu Trusty) | Undecided | New | ||
| 1530407 | CVE-2015-8575 | linux-mvl-dove (Ubuntu Trusty) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-ti-omap4 (Ubuntu Trusty) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux (Ubuntu Precise) | Medium | Fix Released | ||
| 1530407 | CVE-2015-8575 | linux-ec2 (Ubuntu Precise) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-fsl-imx51 (Ubuntu Precise) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-backport-maverick (Ubuntu Precise) | Undecided | Won't Fix | ||
| 1530407 | CVE-2015-8575 | linux-lts-backport-natty (Ubuntu Precise) | Undecided | Won't Fix | ||
| 1530407 | CVE-2015-8575 | linux-mvl-dove (Ubuntu Precise) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-ti-omap4 (Ubuntu Precise) | Medium | Fix Released | ||
| 1530407 | CVE-2015-8575 | linux-lts-trusty (Ubuntu) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-trusty (Ubuntu Precise) | Medium | Fix Released | ||
| 1530407 | CVE-2015-8575 | linux-lts-trusty (Ubuntu Trusty) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-trusty (Ubuntu Vivid) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-trusty (Ubuntu Wily) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-trusty (Ubuntu Xenial) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-armadaxp (Ubuntu) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-armadaxp (Ubuntu Precise) | Medium | Fix Released | ||
| 1530407 | CVE-2015-8575 | linux-armadaxp (Ubuntu Trusty) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-armadaxp (Ubuntu Vivid) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-armadaxp (Ubuntu Wily) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-armadaxp (Ubuntu Xenial) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-wily (Ubuntu) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-wily (Ubuntu Precise) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-wily (Ubuntu Trusty) | Medium | Fix Released | ||
| 1530407 | CVE-2015-8575 | linux-lts-wily (Ubuntu Vivid) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-wily (Ubuntu Wily) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-wily (Ubuntu Xenial) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-goldfish (Ubuntu) | Medium | New | ||
| 1530407 | CVE-2015-8575 | linux-goldfish (Ubuntu Precise) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-goldfish (Ubuntu Trusty) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-goldfish (Ubuntu Vivid) | Medium | New | ||
| 1530407 | CVE-2015-8575 | linux-goldfish (Ubuntu Wily) | Medium | New | ||
| 1530407 | CVE-2015-8575 | linux-goldfish (Ubuntu Xenial) | Medium | New | ||
| 1530407 | CVE-2015-8575 | linux-lts-saucy (Ubuntu) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-saucy (Ubuntu Precise) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-saucy (Ubuntu Trusty) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-saucy (Ubuntu Vivid) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-saucy (Ubuntu Wily) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-saucy (Ubuntu Xenial) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-quantal (Ubuntu) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-quantal (Ubuntu Precise) | Medium | Invalid | ||
| 1530407 | CVE-2015-8575 | linux-lts-quantal (Ubuntu Trusty) | Medium | Invalid | ||
See the 
CVE page on Mitre.org
for more details.
