CVE-2015-7885

Low CVSS 2.3

Overview

The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.

CWE: CWE-200 Published: 2015-12-28T11:59:03.200

Risk analysis

This vulnerability is rated 🟢 LOW.

CVSS: 2.3 (LOW)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags