USN-2634-1

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2015-3636 CVE-2015-4036 UBUNTU-CVE-2015-3636 UBUNTU-CVE-2015-4036

Published: 10 Jun 2015, 21:47

Last modified:22 Apr 2026, 09:13

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

10 Jun 2015, 21:47

Published

Vulnerability first disclosed

22 Apr 2026, 09:13

Last Modified

Vulnerability information updated

Description

linux vulnerabilities Wen Xu discovered a use-after-free flaw in the Linux kernel's ipv4 ping support. A local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges on the system. (CVE-2015-3636) A memory corruption flaw was discovered in the Linux kernel's scsi subsystem. A local attacker could potentially exploit this flaw to cause a denial of service (system crash). (CVE-2015-4036)

Affected Systems

ubuntu•linux
< 3.13.0-54.91

References (3)

https://ubuntu.com/security/notices/USN-2634-1
https://ubuntu.com/security/CVE-2015-3636
https://ubuntu.com/security/CVE-2015-4036