CVE-2015-5364

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.0.6

Description The issue concerns the udp recvmsg and udpv6 recvmsg functions in the Linux kernel, which do not properly consider yielding a processor. This allows remote attackers to cause a denial of service, resulting in a system hang, by sending a flood of UDP packets with incorrect checksums.

Recommendations For Linux kernel versions prior to 4.0.6, update to version 4.0.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable functions udp recvmsg and udpv6 recvmsg to minimize the risk of exploitation.

Exploit

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

ALT-PU-2015-1564

ALT-PU-2015-1568

CESA-2015_1623

CESA-2015_1778

CVE-2015-5364

DLA-310-1

DSA-3313-1

DSA-3329-1

OPENSUSE-SU-2015_1382-1

OPENSUSE-SU-2016_0301-1

RHSA-2015:1623

RHSA-2015:1778

RHSA-2015:1787

RHSA-2015:1788

RHSA-2015_1623

RHSA-2015_1778

RHSA-2015_1788

RHSA-2016:0045

RHSA-2016:1096

RHSA-2016:1100

RHSA-2016:1225

RHSA-2016_0045

SUSE-SU-2015:1224-1

SUSE-SU-2015:1324-1

SUSE-SU-2015:1478-1

SUSE-SU-2015:1487-1

SUSE-SU-2015:1488-1

SUSE-SU-2015:1489-1

SUSE-SU-2015:1490-1

SUSE-SU-2015:1491-1

SUSE-SU-2015:1592-1

SUSE-SU-2015:1611-1

SUSE-SU-2015:1678-1

SUSE-SU-2015:2167-1

USN-2680-1

USN-2681-1

USN-2682-1

USN-2683-1

USN-2684-1

USN-2685-1

USN-2713-1

USN-2714-1

Affected Products

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

Ubuntu

CVE-2015-5364

Weakness Enumeration

Related Identifiers

Affected Products

References · 332