PT-2016-4038 · Linux · Linux Kernel

Ben Hawkes · Published 2016-03-03 · Updated 2018-11-15 · CVE-2015-8830

CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel version 4.0

Description: An integer overflow in the aio_setup_single_vector function in fs/aio.c allows local users to cause a denial of service or possibly have other unspecified impact via a large AIO iovec. The issue is a regression of a previously fixed issue.

Recommendations: For Linux kernel version 4.0, consider applying a patch that fixes the integer overflow in the aio_setup_single_vector function to prevent a potential denial of service or other unspecified impact.


Related Identifiers

CESA-2018_1854
CESA-2018_3083
CVE-2015-8830
DSA-3503-1
OPENSUSE-SU-2016_2144-1
RHSA-2018:1854
RHSA-2018:3083
RHSA-2018:3096
RHSA-2018_1854
RHSA-2018_3083
RHSA-2018_3096
USN-2968-1
USN-2968-2
USN-2969-1
USN-2970-1

Affected Products

CentOS
Linux Kernel
Red Hat
SUSE
Ubuntu