CVE-2015-2041

Linux kernel <3.19 - Info Disclosure

Title source: llm
STIX 2.1

Description

net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.

References (16)

Core 16
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/72729
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2562-1
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2565-1
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2561-1
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2564-1
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2563-1
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3237
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1195350
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2560-1
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/02/20/19

Scores

EPSS 0.0006
EPSS Percentile 20.2%

Details

CWE
CWE-17
Status published
Products (3)
debian/debian_linux
linux/linux_kernel < 3.18.7
suse/suse_linux_enterprise_server 10 sp4
Published Apr 21, 2015
Tracked Since Feb 18, 2026