DEBIAN-CVE-2015-1593

Advisory lineage Upstream: 1 Downstream: 2

Upstream

CVE-2015-1593

Downstream

DLA-155-1 DSA-3170-1

Published: 16 Mar 2015, 10:59

Last modified:28 Apr 2026, 20:14

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

16 Mar 2015, 10:59

Published

Vulnerability first disclosed

28 Apr 2026, 20:14

Last Modified

Vulnerability information updated

Description

The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c.

Affected Systems

debian•linux
< 3.16.7-ckt7-1 | < 3.16.7-ckt7-1 | < 3.16.7-ckt7-1 | < 3.16.7-ckt7-1

References (1)

https://security-tracker.debian.org/tracker/CVE-2015-1593