CVE-2015-8962

Updated: 2023-12-06

CWE: Double Free

Description:

Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.

CVSS3: 7.3


Vendor State

OS Vendor version Errata
Ubuntu 14.04 3.13.0-125.174 USN-3360-1

KernelCare State

OS Original kernel version State
Ubuntu 14.04
3.13.0-46.77 show all hide all
3.13.0-53.87 3.13.0-62.101 3.13.0-53.88 3.13.0-39.66 3.13.0-65.106 3.13.0-57.95 3.13.0-92.139 3.13.0-96.143 3.13.0-37.64 3.13.0-95.142 3.13.0-49.83 3.13.0-115.162 3.13.0-68.111 3.13.0-59.98 3.13.0-101.148 3.13.0-100.147 3.13.0-117.164 3.13.0-71.114 3.13.0-86.130 3.13.0-91.138 3.13.0-107.154 3.13.0-67.110 3.13.0-70.113 3.13.0-76.120 3.13.0-106.153 3.13.0-116.163 3.13.0-41.70 3.13.0-36.63 3.13.0-44.73 3.13.0-49.81 3.13.0-86.131 3.13.0-85.129 3.13.0-46.75 3.13.0-112.159 3.13.0-40.69 3.13.0-98.145 3.13.0-119.166 3.13.0-108.155 3.13.0-33.58 3.13.0-110.157 3.13.0-105.152 3.13.0-73.116 3.13.0-43.72 3.13.0-51.84 3.13.0-62.102 3.13.0-83.127 3.13.0-54.91 3.13.0-109.156 3.13.0-111.158 3.13.0-113.160 3.13.0-38.65 3.13.0-40.68 3.13.0-45.74 3.13.0-46.76 3.13.0-52.86 3.13.0-55.94 3.13.0-61.100 3.13.0-64.104 3.13.0-66.107 3.13.0-69.112 3.13.0-72.115 3.13.0-75.119 3.13.0-65.105 3.13.0-123.172 3.13.0-77.121 3.13.0-58.97 3.13.0-32.57 3.13.0-46.79 3.13.0-74.118 3.13.0-52.85 3.13.0-34.60 3.13.0-35.62 3.13.0-48.80 3.13.0-87.133 3.13.0-93.140 3.13.0-66.108 3.13.0-103.150 3.13.0-63.103 3.13.0-121.170 3.13.0-88.135 3.13.0-55.92 3.13.0-53.89 3.13.0-79.123
Released
Debian 8
3.16.7-ckt9-3~deb8u1 show all hide all
3.16.7-ckt11-1+deb8u2 3.16.7-ckt20-1+deb8u2 3.16.7-ckt11-1+deb8u3 3.16.7-ckt20-1+deb8u4 3.16.7-ckt25-2+deb8u2 3.16.36-1+deb8u2 3.16.7-ckt25-1 3.16.7-ckt11-1+deb8u4 3.16.7-ckt25-2 3.16.7-ckt11-1+deb8u5 3.16.7-ckt20-1+deb8u3 3.16.7-ckt11-1+deb8u6 3.16.7-ckt11-1+deb8u1 3.16.7-ckt25-2+deb8u1 3.16.7-ckt25-2+deb8u3 3.16.7-ckt11-1 3.16.36-1+deb8u1 3.16.7-ckt20-1+deb8u1
Released
Debian 10 cloud
Will Not Fix
Debian 9 backports
Will Not Fix