Vulnerability: Bypassing seccomp and audit protection mechanism in Linux kernel

Vulnerability: Bypassing seccomp and audit protection mechanism in Linux kernel

CVE-2015-2830 · LOW Severity

AV:L/AC:M/AU:N/C:N/I:P/A:N

arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrated by an attack against seccomp before 3.16.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.