CVE-2015-7990
CVE-2015-7990
Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c7188b23474cca017b3ef354c4a58456f68303ahttp://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html