Vulnerability Details CVE-2015-3643
usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local users to gain privileges by leveraging a missing call check_polkit for the KVMTest method.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.6%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
- http://www.openwall.com/lists/oss-security/2015/04/22/12
- http://www.openwall.com/lists/oss-security/2015/05/04/3
- http://www.securityfocus.com/bid/74304
- https://bazaar.launchpad.net/~usb-creator-hackers/usb-creator/trunk/revision/470
- https://usn.ubuntu.com/usn/usn-2576-1/
- https://usn.ubuntu.com/usn/usn-2576-2/
- https://www.exploit-db.com/exploits/36820/
- http://www.openwall.com/lists/oss-security/2015/04/22/12
- http://www.openwall.com/lists/oss-security/2015/05/04/3
- http://www.securityfocus.com/bid/74304
- https://bazaar.launchpad.net/~usb-creator-hackers/usb-creator/trunk/revision/470
- https://usn.ubuntu.com/usn/usn-2576-1/
- https://usn.ubuntu.com/usn/usn-2576-2/
- https://www.exploit-db.com/exploits/36820/
Products affected by CVE-2015-3643
-
cpe:2.3:a:usb-creator_project:usb-creator:-
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.35.1
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.35.2
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.35.2ubuntu1
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.36
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.37
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.38
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.38.1
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.38.2
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.38.3
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.38.3ubuntu0.1
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.38.3ubuntu0.2
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.39
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.40
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.40ubuntu1
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.40ubuntu2
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.40ubuntu3
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.41
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.42
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.43
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.45
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.45.1
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.46
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.46.1
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.47
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.47.1
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.47.2
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.48
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.49
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.50
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.50.1
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.51
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.52
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.53
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.54
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.55
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.56
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.56.1
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.56.2
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.56.3
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.56.3ubuntu0.1
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.56.3ubuntu0.2
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.57
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.58
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.59
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.60
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.61
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.62
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.62ubuntu0.1
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.62ubuntu0.2
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.62ubuntu0.3
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.63
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.64
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.65
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.66
-
cpe:2.3:a:usb-creator_project:usb-creator:0.2.67
-
cpe:2.3:o:canonical:ubuntu_linux:12.04
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:canonical:ubuntu_linux:14.10
-
cpe:2.3:o:canonical:ubuntu_linux:15.04