CVE 2015-8543
The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.
Related bugs and status
CVE-2015-8543 (Candidate) is related to these bugs:
Bug #1525570: CVE-2015-8543
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1525570 | CVE-2015-8543 | linux (Ubuntu) | Medium | Fix Released | ||
| 1525570 | CVE-2015-8543 | linux-fsl-imx51 (Ubuntu) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-mvl-dove (Ubuntu) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-lts-backport-maverick (Ubuntu) | Undecided | New | ||
| 1525570 | CVE-2015-8543 | linux-lts-backport-natty (Ubuntu) | Undecided | New | ||
| 1525570 | CVE-2015-8543 | linux-ti-omap4 (Ubuntu) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-ec2 (Ubuntu) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux (Ubuntu Xenial) | Medium | Fix Committed | ||
| 1525570 | CVE-2015-8543 | linux-ec2 (Ubuntu Xenial) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-fsl-imx51 (Ubuntu Xenial) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-lts-backport-maverick (Ubuntu Xenial) | Undecided | New | ||
| 1525570 | CVE-2015-8543 | linux-lts-backport-natty (Ubuntu Xenial) | Undecided | New | ||
| 1525570 | CVE-2015-8543 | linux-mvl-dove (Ubuntu Xenial) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-ti-omap4 (Ubuntu Xenial) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux (Ubuntu Wily) | Medium | Fix Released | ||
| 1525570 | CVE-2015-8543 | linux-ec2 (Ubuntu Wily) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-fsl-imx51 (Ubuntu Wily) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-lts-backport-maverick (Ubuntu Wily) | Undecided | New | ||
| 1525570 | CVE-2015-8543 | linux-lts-backport-natty (Ubuntu Wily) | Undecided | New | ||
| 1525570 | CVE-2015-8543 | linux-mvl-dove (Ubuntu Wily) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-ti-omap4 (Ubuntu Wily) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux (Ubuntu Vivid) | Medium | Won't Fix | ||
| 1525570 | CVE-2015-8543 | linux-ec2 (Ubuntu Vivid) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-fsl-imx51 (Ubuntu Vivid) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-lts-backport-maverick (Ubuntu Vivid) | Undecided | New | ||
| 1525570 | CVE-2015-8543 | linux-lts-backport-natty (Ubuntu Vivid) | Undecided | New | ||
| 1525570 | CVE-2015-8543 | linux-mvl-dove (Ubuntu Vivid) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-ti-omap4 (Ubuntu Vivid) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux (Ubuntu Trusty) | Medium | Fix Released | ||
| 1525570 | CVE-2015-8543 | linux-ec2 (Ubuntu Trusty) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-fsl-imx51 (Ubuntu Trusty) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-lts-backport-maverick (Ubuntu Trusty) | Undecided | New | ||
| 1525570 | CVE-2015-8543 | linux-lts-backport-natty (Ubuntu Trusty) | Undecided | New | ||
| 1525570 | CVE-2015-8543 | linux-mvl-dove (Ubuntu Trusty) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-ti-omap4 (Ubuntu Trusty) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux (Ubuntu Precise) | Medium | Fix Released | ||
| 1525570 | CVE-2015-8543 | linux-ec2 (Ubuntu Precise) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-fsl-imx51 (Ubuntu Precise) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-lts-backport-maverick (Ubuntu Precise) | Undecided | Won't Fix | ||
| 1525570 | CVE-2015-8543 | linux-lts-backport-natty (Ubuntu Precise) | Undecided | Won't Fix | ||
| 1525570 | CVE-2015-8543 | linux-mvl-dove (Ubuntu Precise) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-ti-omap4 (Ubuntu Precise) | Medium | Fix Released | ||
| 1525570 | CVE-2015-8543 | linux-lts-trusty (Ubuntu) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-lts-trusty (Ubuntu Precise) | Medium | Fix Released | ||
| 1525570 | CVE-2015-8543 | linux-lts-trusty (Ubuntu Trusty) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-lts-trusty (Ubuntu Vivid) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-lts-trusty (Ubuntu Wily) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-lts-trusty (Ubuntu Xenial) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-armadaxp (Ubuntu) | Medium | Invalid | ||
| 1525570 | CVE-2015-8543 | linux-armadaxp (Ubuntu Precise) | Medium | Fix Released | ||
Bug #1540559: linux: 3.13.0-78.122 -proposed tracker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | linux (Ubuntu) | Medium | Invalid | ||
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | linux (Ubuntu Trusty) | Medium | Fix Released | ||
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Fix Released | ||
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
| 1540559 | linux: 3.13.0-78.122 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
