CVE-2015-4004 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2015-4004 Interim 1 11 2022-11-29T03:24:08Z current 2021-05-30T13:30:17Z 2022-11-29T03:24:08Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2015-4004 The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via a crafted packet. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2016-02/msg00000.html E-Mail link for openSUSE-SU-2016:0301-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2 LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 12 kernel-default kernel-default-base kernel-default-devel kernel-default-extra kernel-default-man kernel-devel kernel-macros kernel-source kernel-default as a component of SUSE Linux Enterprise Desktop 11 SP2 kernel-source as a component of SUSE Linux Enterprise Desktop 11 SP2 kernel-default as a component of SUSE Linux Enterprise Desktop 11 SP3 kernel-source as a component of SUSE Linux Enterprise Desktop 11 SP3 kernel-default as a component of SUSE Linux Enterprise Desktop 11 SP4 kernel-source as a component of SUSE Linux Enterprise Desktop 11 SP4 kernel-default as a component of SUSE Linux Enterprise Desktop 12 kernel-default-devel as a component of SUSE Linux Enterprise Desktop 12 kernel-default-extra as a component of SUSE Linux Enterprise Desktop 12 kernel-devel as a component of SUSE Linux Enterprise Desktop 12 kernel-macros as a component of SUSE Linux Enterprise Desktop 12 kernel-source as a component of SUSE Linux Enterprise Desktop 12 kernel-default as a component of SUSE Linux Enterprise Server 11 SP2 kernel-source as a component of SUSE Linux Enterprise Server 11 SP2 kernel-default as a component of SUSE Linux Enterprise Server 11 SP2 LTSS kernel-source as a component of SUSE Linux Enterprise Server 11 SP2 LTSS kernel-default as a component of SUSE Linux Enterprise Server 11 SP3 kernel-default-base as a component of SUSE Linux Enterprise Server 11 SP3 kernel-default-devel as a component of SUSE Linux Enterprise Server 11 SP3 kernel-default-man as a component of SUSE Linux Enterprise Server 11 SP3 kernel-source as a component of SUSE Linux Enterprise Server 11 SP3 kernel-default as a component of SUSE Linux Enterprise Server 12 kernel-default-base as a component of SUSE Linux Enterprise Server 12 kernel-default-devel as a component of SUSE Linux Enterprise Server 12 kernel-default-man as a component of SUSE Linux Enterprise Server 12 kernel-devel as a component of SUSE Linux Enterprise Server 12 kernel-macros as a component of SUSE Linux Enterprise Server 12 kernel-source as a component of SUSE Linux Enterprise Server 12 The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via a crafted packet. CVE-2015-4004 SUSE Linux Enterprise Desktop 11 SP2:kernel-default SUSE Linux Enterprise Desktop 11 SP2:kernel-source SUSE Linux Enterprise Desktop 11 SP3:kernel-default SUSE Linux Enterprise Desktop 11 SP3:kernel-source SUSE Linux Enterprise Desktop 11 SP4:kernel-default SUSE Linux Enterprise Desktop 11 SP4:kernel-source SUSE Linux Enterprise Desktop 12:kernel-default SUSE Linux Enterprise Desktop 12:kernel-default-devel SUSE Linux Enterprise Desktop 12:kernel-default-extra SUSE Linux Enterprise Desktop 12:kernel-devel SUSE Linux Enterprise Desktop 12:kernel-macros SUSE Linux Enterprise Desktop 12:kernel-source SUSE Linux Enterprise Server 11 SP2 LTSS:kernel-default SUSE Linux Enterprise Server 11 SP2 LTSS:kernel-source SUSE Linux Enterprise Server 11 SP2:kernel-default SUSE Linux Enterprise Server 11 SP2:kernel-source SUSE Linux Enterprise Server 11 SP3:kernel-default SUSE Linux Enterprise Server 11 SP3:kernel-default-base SUSE Linux Enterprise Server 11 SP3:kernel-default-devel SUSE Linux Enterprise Server 11 SP3:kernel-default-man SUSE Linux Enterprise Server 11 SP3:kernel-source SUSE Linux Enterprise Server 12:kernel-default SUSE Linux Enterprise Server 12:kernel-default-base SUSE Linux Enterprise Server 12:kernel-default-devel SUSE Linux Enterprise Server 12:kernel-default-man SUSE Linux Enterprise Server 12:kernel-devel SUSE Linux Enterprise Server 12:kernel-macros SUSE Linux Enterprise Server 12:kernel-source important 8.5 AV:N/AC:L/Au:N/C:P/I:N/A:C