CVE-2015-4004
Description
The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via a crafted packet.
Risk Information
Base Score
6.7
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:H
EPSS Score
Exploitation Probability
4.322
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux hardware enablement kernel from Trusty for Precise (USN-2998-1) linux-image-3.13.0-88-generic_3.13.0-88.135~precise1_i386.deb | Linux |
| Linux hardware enablement kernel from Trusty for Precise (USN-2998-1) linux-image-3.13.0-88-generic_3.13.0-88.135~precise1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234