Race condition vulnerability in handle_to_path function in Linux kernel through 3.19.1 allows local users to bypass size restrictions and trigger unauthorized read operations

Race condition vulnerability in handle_to_path function in Linux kernel through 3.19.1 allows local users to bypass size restrictions and trigger unauthorized read operations

CVE-2015-1420 · LOW Severity

AV:L/AC:M/AU:N/C:P/I:N/A:N

Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.