← back
CVE-2015-8019

CVE-2015-8019

EPSS 0.4%
The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.htmlhttp://patchwork.ozlabs.org/patch/530642/https://bugzilla.redhat.com/show_bug.cgi?id=1276588http://www.openwall.com/lists/oss-security/2015/10/27/11http://www.securityfocus.com/bid/77326