PT-2015-3233 · Linux+5 · Linux Kernel+5

Wade Mealing

·

Publicado

2015-12-31

·

Atualizado

2023-01-19

·

CVE-2015-8812

CVSS v2.0

10

Crítica

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.5
Description The issue is related to the incorrect identification of error conditions in the Linux kernel component drivers/infiniband/hw/cxgb3/iwch cm.c. This can be exploited by a remote attacker using specially crafted network traffic, potentially allowing the execution of arbitrary code or causing a denial of service (use-after-free).
Recommendations For Linux kernel versions prior to 4.5, update to version 4.5 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-17

Identificadores relacionados

ALT-PU-2016-1188
ALT-PU-2016-1485
BDU:2016-01134
CESA-2016_2574
CVE-2015-8812
DLA-439-1
DSA-3503-1
OPENSUSE-SU-2016_1008-1
OPENSUSE-SU-2016_2144-1
RHSA-2016:2574
RHSA-2016:2584
RHSA-2016_2574
RHSA-2016_2584
SUSE-SU-2016:0785-1
SUSE-SU-2016:0911-1
SUSE-SU-2016:1019-1
SUSE-SU-2016:1031-1
SUSE-SU-2016:1032-1
SUSE-SU-2016:1033-1
SUSE-SU-2016:1034-1
SUSE-SU-2016:1035-1
SUSE-SU-2016:1037-1
SUSE-SU-2016:1038-1
SUSE-SU-2016:1039-1
SUSE-SU-2016:1040-1
SUSE-SU-2016:1041-1
SUSE-SU-2016:1045-1
SUSE-SU-2016:1046-1
SUSE-SU-2016:1102-1
SUSE-SU-2016:1203-1
SUSE-SU-2016:1764-1
SUSE-SU-2016:2074-1
USN-2946-1
USN-2946-2
USN-2947-1
USN-2947-2
USN-2947-3
USN-2948-1
USN-2948-2
USN-2949-1
USN-2967-1
USN-2967-2

Produtos afetados

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu