vulnerability
Ubuntu: (Multiple Advisories) (CVE-2015-3288): Linux kernel vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Oct 16, 2016 | Nov 11, 2016 | Apr 14, 2025 |
Description
It was discovered that the compression handling code in the Advanced Linux
Sound Architecture (ALSA) subsystem in the Linux kernel did not properly
check for an integer overflow. A local attacker could use this to cause a
denial of service (system crash). (CVE-2014-9904)
Kirill A. Shutemov discovered that memory manager in the Linux kernel did
not properly handle anonymous pages. A local attacker could use this to
cause a denial of service or possibly gain administrative privileges.
(CVE-2015-3288)
Vitaly Kuznetsov discovered that the Linux kernel did not properly suppress
hugetlbfs support in X86 paravirtualized guests. An attacker in the guest
OS could cause a denial of service (guest system crash). (CVE-2016-3961)
Ondrej Kozina discovered that the keyring interface in the Linux kernel
contained a buffer overflow when displaying timeout events via the
/proc/keys interface. A local attacker could use this to cause a denial of
service (system crash). (CVE-2016-7042)
Solution(s)
References
- CVE-2015-3288
- https://attackerkb.com/topics/CVE-2015-3288
- NVD-CVE-2015-3288
- UBUNTU-USN-3001-1
- UBUNTU-USN-3002-1
- UBUNTU-USN-3003-1
- UBUNTU-USN-3004-1
- UBUNTU-USN-3005-1
- UBUNTU-USN-3006-1
- UBUNTU-USN-3007-1
- UBUNTU-USN-3049-1
- UBUNTU-USN-3050-1
- UBUNTU-USN-3126-1
- UBUNTU-USN-3126-2
- UBUNTU-USN-3127-1
- UBUNTU-USN-3127-2
- UBUNTU-USN-3128-1
- UBUNTU-USN-3128-2
- UBUNTU-USN-3128-3
- UBUNTU-USN-3129-1
- UBUNTU-USN-3129-2
- UBUNTU-USN-3161-3
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.