PT-2016-4038 · Linux+4 · Linux Kernel+4

Ben Hawkes

Publicado

2016-03-03

Atualizado

2018-11-15

CVE-2015-8830

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel version 4.0

Description The issue is related to an integer overflow in the aio setup single vector function in fs/aio.c, which allows local users to cause a denial of service or possibly have other unspecified impacts via a large AIO iovec. This problem exists due to a regression of a previously fixed issue.

Recommendations For Linux kernel version 4.0, consider applying a patch to fix the integer overflow in the aio setup single vector function to prevent potential denial of service or other unspecified impacts.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CESA-2018_1854

CESA-2018_3083

CVE-2015-8830

DSA-3503-1

OPENSUSE-SU-2016_2144-1

RHSA-2018:1854

RHSA-2018:3083

RHSA-2018:3096

RHSA-2018_1854

RHSA-2018_3083

RHSA-2018_3096

USN-2968-1

USN-2968-2

USN-2969-1

USN-2970-1

Produtos afetados

Centos

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2016-4038 · Linux+4 · Linux Kernel+4

CVE-2015-8830

Identificadores relacionados

Produtos afetados

Referências · 59