CVE-2015-5707
CVE-2015-5707
Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=451a2886b6bf90e2fb378f7c46c655450fb96e81http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdc81f45e9f57858da6351836507fbcf1b7583eehttp://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-11/msg00026.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-11/msg00027.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-11/msg00028.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-11/msg00029.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-11/msg00030.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-11/msg00031.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-11/msg00032.html