← volver
CVE-2015-8019

CVE-2015-8019

EPSS 0.4%
The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.htmlhttp://patchwork.ozlabs.org/patch/530642/https://bugzilla.redhat.com/show_bug.cgi?id=1276588http://www.openwall.com/lists/oss-security/2015/10/27/11http://www.securityfocus.com/bid/77326