Vulnerabilities

CVE-2015-8575

by Fred · 07/02/2016

The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

Date published : 2016-02-07

http://www.securityfocus.com/bid/79724

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4

Similar

Tags: Cybersecurity Alert