PT-2016-3559 · Linux+1 · Linux Kernel+1

Published

2016-05-09

Updated

2021-05-28

CVE-2015-0570

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions 3.x and 4.x

Description A stack-based buffer overflow issue exists in the SET WPS IE IOCTL implementation in the WLAN driver, allowing attackers to gain privileges via a crafted application that uses a long WPS IE element.

Recommendations For Linux kernel versions 3.x and 4.x, consider restricting access to the WLAN driver or disabling the SET WPS IE IOCTL implementation until a patch is available.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALT-PU-2019-1437

ALT-PU-2019-1506

ALT-PU-2020-1198

ALT-PU-2020-1501

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

CVE-2015-0570

Affected Products

Alt Linux

Linux Kernel

PT-2016-3559 · Linux+1 · Linux Kernel+1

CVE-2015-0570

Weakness Enumeration

Related Identifiers

Affected Products

References · 797