PT-2016-4078 · Linux +2 · Linux Kernel +2
Published
2015-06-03
·
Updated
2023-01-19
·
CVE-2015-8967
CVSS v2.0
9.3
9.3
High
| Base vector | Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 4.0
Description:
The issue allows local users to bypass the strict page permissions protection mechanism and modify the system-call table, which can lead to privilege escalation. This is achieved by leveraging write access.
Recommendations:
For versions prior to 4.0, update to version 4.0 or later to resolve the issue.
Exploit
Fix
Weakness Enumeration
Related Identifiers
ALT-PU-2015-1485
ALT-PU-2015-1849
CVE-2015-8967
USN-3360-1
USN-3360-2
Affected Products
Alt Linux
Linux Kernel
Ubuntu
References · 139
- 🔥 https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/overlayfs_priv_esc.rb⭐ 35406 🔗 14273 · Exploit
- 🔥 https://github.com/fi01/CVE-2015-3636⭐ 133 🔗 88 · Exploit
- 🔥 https://github.com/android-rooting-tools/libpingpong_exploit⭐ 44 🔗 32 · Exploit
- 🔥 https://github.com/a7vinx/CVE-2015-3636⭐ 18 🔗 11 · Exploit
- 🔥 https://github.com/askk/libping_unhash_exploit_POC⭐ 3 🔗 21 · Exploit
- 🔥 https://github.com/hhj4ck/CVE-2016-2067⭐ 8 🔗 4 · Exploit
- 🔥 https://github.com/x1ns4n3/CVE-2015-1328-GoldenEye⭐ 9 · Exploit
- 🔥 https://github.com/0x1ns4n3/CVE-2015-1328-GoldenEye⭐ 9 · Exploit
- 🔥 https://github.com/elit3pwner/CVE-2015-1328-GoldenEye⭐ 9 · Exploit
- 🔥 https://github.com/betalphafai/CVE-2015-0568⭐ 4 🔗 4 · Exploit
- 🔥 https://github.com/betalphafai/cve-2015-3636_crash⭐ 4 🔗 3 · Exploit
- https://github.com/torvalds/linux/commit/c623b33b4e9599c6ac5076f7db7369eb9869aa04⭐ 192610 🔗 55688 · Patch
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8019 · Security Note
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5340 · Security Note
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6787 · Security Note