Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.105481
Category:F5 Local Security Checks
Title:F5 BIG-IP - Linux kernel vulnerability CVE-2015-7613
Summary:The remote host is missing a security patch.
Description:Summary:
The remote host is missing a security patch.

Vulnerability Insight:
Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.

Vulnerability Impact:
Exploitation of this issue requires shell access, and a non-standard and unsupported configuration (such as modifications to Linux configuration files) may expose this issue further. F5 does not recommend manually editing Linux configuration files. There is no remote access vector or data plane exposure.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-7613
BugTraq ID: 76977
http://www.securityfocus.com/bid/76977
Debian Security Information: DSA-3372 (Google Search)
http://www.debian.org/security/2015/dsa-3372
http://www.openwall.com/lists/oss-security/2015/10/01/8
RedHat Security Advisories: RHSA-2015:2636
http://rhn.redhat.com/errata/RHSA-2015-2636.html
http://www.securitytracker.com/id/1034094
http://www.securitytracker.com/id/1034592
SuSE Security Announcement: SUSE-SU-2015:1727 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html
SuSE Security Announcement: SUSE-SU-2015:2084 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00026.html
SuSE Security Announcement: SUSE-SU-2015:2085 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00027.html
SuSE Security Announcement: SUSE-SU-2015:2086 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00028.html
SuSE Security Announcement: SUSE-SU-2015:2087 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00029.html
SuSE Security Announcement: SUSE-SU-2015:2089 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00030.html
SuSE Security Announcement: SUSE-SU-2015:2090 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00031.html
SuSE Security Announcement: SUSE-SU-2015:2091 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00032.html
http://www.ubuntu.com/usn/USN-2761-1
http://www.ubuntu.com/usn/USN-2762-1
http://www.ubuntu.com/usn/USN-2763-1
http://www.ubuntu.com/usn/USN-2764-1
http://www.ubuntu.com/usn/USN-2765-1
http://www.ubuntu.com/usn/USN-2792-1
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.