cbcvebase.
CVE-2015-3331
published 2015-05-27

CVE-2015-3331: The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations…

PriorityP349critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
10.11%
95.1th percentile
The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and system crash) or possibly execute arbitrary code by triggering a crypto API call, as demonstrated by use of a libkcapi test program with an AF_ALG(aead) socket.

Affected

17 ranges
VendorProductVersion rangeFixed in
canonicalubuntu_linux
debiandebian_linux
debiandebian_linux
debianlinux< linux 3.16.7-ckt9-3 (bookworm)linux 3.16.7-ckt9-3 (bookworm)
linuxlinux_kernel< 3.2.693.2.69
linuxlinux_kernel>= 0 < 3.16.7-ckt9-33.16.7-ckt9-3
linuxlinux_kernel>= 0 < 3.16.7-ckt9-33.16.7-ckt9-3
linuxlinux_kernel>= 0 < 3.16.7-ckt9-33.16.7-ckt9-3
linuxlinux_kernel>= 0 < 3.16.7-ckt9-33.16.7-ckt9-3
linuxlinux_kernel>= 0 < 3.13.0-53.883.13.0-53.88
linuxlinux_kernel>= 3.12 < 3.12.403.12.40
linuxlinux_kernel>= 3.13 < 3.14.373.14.37
linuxlinux_kernel>= 3.15 < 3.16.353.16.35
linuxlinux_kernel>= 3.17 < 3.18.113.18.11
linuxlinux_kernel>= 3.19 < 3.19.33.19.3
linuxlinux_kernel>= 3.3 < 3.4.1083.4.108
linuxlinux_kernel>= 3.5 < 3.10.733.10.73

CVSS provenance

nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv9.3CRITICAL
vendor_debian9.3CRITICAL
vendor_redhat9.3CRITICAL
vendor_ubuntu6.9MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.