UBUNTU-CVE-2015-1420
Advisory lineage Upstream: 1 Downstream: 3
Upstream
Downstream
Published: 16 Mar 2015, 00:00
Last modified:22 Apr 2026, 10:02
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
16 Mar 2015, 00:00
Published
Vulnerability first disclosed
22 Apr 2026, 10:02
Last Modified
Vulnerability information updated
Description
Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.
Affected Systems
- ubuntu•linux
< 3.13.0-57.95
- ubuntu•linux-lts-utopic
< 3.16.0-43.58~14.04.1
- ubuntu•linux-lts-vivid
< 3.19.0-22.22~14.04.1
References (11)
- https://ubuntu.com/security/CVE-2015-1420
- http://marc.info/?l=linux-kernel&m=142247707318982&w=2
- https://ubuntu.com/security/notices/USN-2660-1
- https://ubuntu.com/security/notices/USN-2661-1
- https://ubuntu.com/security/notices/USN-2662-1
- https://ubuntu.com/security/notices/USN-2663-1
- https://ubuntu.com/security/notices/USN-2664-1
- https://ubuntu.com/security/notices/USN-2665-1
- https://ubuntu.com/security/notices/USN-2666-1
- https://ubuntu.com/security/notices/USN-2667-1
- https://www.cve.org/CVERecord?id=CVE-2015-1420