** Changed in: linux-raspi2 (Ubuntu Xenial)
Status: New => Fix Committed
** Description changed:
- sco_sock_bind issue
+ The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel
+ before 4.3.4 does not verify an address length, which allows local users
+ to obtain sensitive information from kernel memory and bypass the KASLR
+ protection mechanism via a crafted application.
Break-Fix: - 5233252fce714053f0151680933571a2da9cbfb4
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1530407
Title:
CVE-2015-8575
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1530407/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
