PT-2015-7413 · Linux+3 · Linux Kernel+3

Martin Prpič

Publicado

2015-09-14

Atualizado

2018-10-17

CVE-2015-6937

CVSS v2.0

4.9

Média

Vetor

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.2.3

Description The issue allows local users to cause a denial of service, potentially leading to a system crash, by utilizing a socket that was not properly bound. This is due to a problem in the rds conn create function.

Recommendations For Linux kernel versions prior to 4.2.3, update to version 4.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the rds conn create function to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2015-1924

ALT-PU-2016-1485

CVE-2015-6937

DLA-310-1

DSA-3364-1

DSA-3396-1

MGASA-2016-0005

MGASA-2016-0014

MGASA-2016-0015

MGASA-2016-0225

MGASA-2016-0232

MGASA-2016-0233

OPENSUSE-SU-2016_0301-1

OPENSUSE-SU-2016_0318-1

SUSE-SU-2015:1727-1

SUSE-SU-2015:2108-1

SUSE-SU-2015:2339-1

SUSE-SU-2015:2350-1

SUSE-SU-2016:0335-1

SUSE-SU-2016:0337-1

SUSE-SU-2016:0354-1

SUSE-SU-2016:0380-1

SUSE-SU-2016:0381-1

SUSE-SU-2016:0383-1

SUSE-SU-2016:0384-1

SUSE-SU-2016:0386-1

SUSE-SU-2016:0387-1

SUSE-SU-2016:0434-1

SUSE-SU-2016:2074-1

USN-2773-1

USN-2774-1

USN-2775-1

USN-2776-1

USN-2777-1

USN-2778-1

USN-2779-1

Produtos afetados

Alt Linux

Linux Kernel

Suse

Ubuntu

PT-2015-7413 · Linux+3 · Linux Kernel+3

CVE-2015-6937

Identificadores relacionados

Produtos afetados

Referências · 400