PT-2016-3994 · Linux+3 · Linux Kernel+3

Vladis Dronov

Published

2015-10-06

Updated

2018-01-05

CVE-2015-8746

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.2.2

Description The issue is related to the NFS client in the Linux kernel, where memory for migration recovery operations is not properly initialized. This allows remote NFS servers to cause a denial of service, resulting in a NULL pointer dereference and panic, via crafted network traffic.

Recommendations For Linux kernel versions prior to 4.2.2, update to version 4.2.2 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2015-1834

ALT-PU-2016-1485

CESA-2016_2574

CVE-2015-8746

RHSA-2016:2574

RHSA-2016:2584

RHSA-2016_2574

RHSA-2016_2584

Affected Products

Alt Linux

Centos

Linux Kernel

Red Hat

PT-2016-3994 · Linux+3 · Linux Kernel+3

CVE-2015-8746

Related Identifiers

Affected Products

References · 20