what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

CVE-2015-5364

Status Candidate

Overview

The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.

Related Files

Red Hat Security Advisory 2016-1225-01
Posted Jun 14, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1225-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.

tags | advisory, remote, denial of service, kernel, udp
systems | linux, redhat
advisories | CVE-2015-5364, CVE-2015-5366
SHA-256 | 364610f04598d8202fdec3d76c56b7be088799140f67a757409f5a39d388d3a5
Red Hat Security Advisory 2016-1100-01
Posted May 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1100-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.

tags | advisory, remote, denial of service, kernel, udp
systems | linux, redhat
advisories | CVE-2015-5364, CVE-2015-5366
SHA-256 | b70f2e42ede5e8da8e1e8e7a87cd9775e00d40e084a51ce37fc464b37cd86495
Red Hat Security Advisory 2016-1096-01
Posted May 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1096-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.

tags | advisory, remote, denial of service, kernel, udp
systems | linux, redhat
advisories | CVE-2015-5364, CVE-2015-5366
SHA-256 | d6f494c765f33232f531d11b2e6eda22f2c43ad3b026c0288860ab76b60b61d2
Red Hat Security Advisory 2016-0045-01
Posted Jan 19, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0045-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality. All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

tags | advisory, remote, denial of service, kernel, udp
systems | linux, redhat
advisories | CVE-2015-5364, CVE-2015-5366
SHA-256 | 63fa4582542d5d5c4e96f11b23581379678336693efaff0c672ad38a91904f82
Red Hat Security Advisory 2015-1788-01
Posted Sep 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1788-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the kernel's implementation of the Berkeley Packet Filter. A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly optimize the JIT image on the last pass. This would lead to the CPU executing instructions that were not part of the JIT code. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, redhat
advisories | CVE-2014-9585, CVE-2015-0275, CVE-2015-1333, CVE-2015-3212, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366
SHA-256 | 25d0c7614c07675f849c3b6d3284745ade70ce6f99faadcd640f7598d955b66c
Red Hat Security Advisory 2015-1778-01
Posted Sep 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1778-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the kernel's implementation of the Berkeley Packet Filter. A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly optimize the JIT image on the last pass. This would lead to the CPU executing instructions that were not part of the JIT code. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, redhat
advisories | CVE-2014-9585, CVE-2015-0275, CVE-2015-1333, CVE-2015-3212, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366
SHA-256 | 6931087e4966ef5af97d58d33a14d67431f59be2eca9c49d74bab95c4b9e66ae
Red Hat Security Advisory 2015-1787-01
Posted Sep 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1787-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality. A flaw was found in the way the Linux kernel's ext4 file system handled the "page size > block size" condition when the fallocate zero range functionality was used. A local attacker could use this flaw to crash the system.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, redhat
advisories | CVE-2014-9585, CVE-2015-0275, CVE-2015-1333, CVE-2015-3212, CVE-2015-5364, CVE-2015-5366
SHA-256 | f0b5d577a1722a4499ab101e9890afb3978e9fdaacc73e56678021c7283bdb72
Ubuntu Security Notice USN-2714-1
Posted Aug 18, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2714-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2015-3212, CVE-2015-5364, CVE-2015-5366
SHA-256 | 24bf0876b3696004973e8a4934365e0fcd0572279cc90431d46cf940e050bdb7
Ubuntu Security Notice USN-2713-1
Posted Aug 18, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2713-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2015-3212, CVE-2015-5364, CVE-2015-5366
SHA-256 | 768774b98eb2a5ba82afbe9b7d50455f736972f9f6e89abc3b4e3cdcc6c8ed0a
Red Hat Security Advisory 2015-1623-01
Posted Aug 13, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1623-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.

tags | advisory, remote, denial of service, kernel, udp
systems | linux, redhat
advisories | CVE-2015-5364, CVE-2015-5366
SHA-256 | 5ef5d82f69f0401aa31f4480c0b409a04a5387976f07fa3d12a2cceac9680062
Debian Security Advisory 3329-1
Posted Aug 7, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3329-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2015-1333, CVE-2015-3212, CVE-2015-4692, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366, CVE-2015-5697, CVE-2015-5706, CVE-2015-5707
SHA-256 | 032d7754d15daf5a42e6f9f97780a9dd8431d502054c7f15a05b87b1417f2da4
Ubuntu Security Notice USN-2685-1
Posted Jul 24, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2685-1 - A flaw was discovered in the kvm (kernel virtual machine) subsystem's kvm_apic_has_events function. A unprivileged local user could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2015-4692, CVE-2015-5364, CVE-2015-5366
SHA-256 | ff91b08028ce0d9cbb795da024396ec409ee5bce6874e42ac288d5806e460cc5
Debian Security Advisory 3313-1
Posted Jul 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3313-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2015-3290, CVE-2015-3291, CVE-2015-4167, CVE-2015-5157, CVE-2015-5364, CVE-2015-5366
SHA-256 | 2e58c4b602469b6006a0a897b4f48fb0ecef8c77468fcfdd3958ced23f009b86
Ubuntu Security Notice USN-2684-1
Posted Jul 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2684-1 - A flaw was discovered in the kvm (kernel virtual machine) subsystem's kvm_apic_has_events function. A unprivileged local user could exploit this flaw to cause a denial of service (system crash). Daniel Borkmann reported a kernel crash in the Linux kernel's BPF filter JIT optimization. A local attacker could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2015-4692, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366
SHA-256 | c2a387be4e13bc76e8d691c26a62d180fdafc4908f03c7bf1cdfa528bcb41df7
Ubuntu Security Notice USN-2683-1
Posted Jul 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2683-1 - A flaw was discovered in the kvm (kernel virtual machine) subsystem's kvm_apic_has_events function. A unprivileged local user could exploit this flaw to cause a denial of service (system crash). Daniel Borkmann reported a kernel crash in the Linux kernel's BPF filter JIT optimization. A local attacker could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2015-4692, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366
SHA-256 | 3af9e86c7769bcaffec157bf917b3e0a30ab6bc938c69d9a3b2611e3ee7a8ec6
Ubuntu Security Notice USN-2682-1
Posted Jul 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2682-1 - A flaw was discovered in the kvm (kernel virtual machine) subsystem's kvm_apic_has_events function. A unprivileged local user could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2015-4692, CVE-2015-5364, CVE-2015-5366
SHA-256 | a6a98fab9d0381b3994020610c156d8f63399b7e9c2518b29e9dac5d0ac7b685
Ubuntu Security Notice USN-2681-1
Posted Jul 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2681-1 - A flaw was discovered in the user space memory copying for the pipe iovecs in the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. A flaw was discovered in the kvm (kernel virtual machine) subsystem's kvm_apic_has_events function. A unprivileged local user could exploit this flaw to cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1805, CVE-2015-4692, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366
SHA-256 | ff3d9b87245aa7a7be470860e38a4c3db83869527facf2395999f9c0ee992785
Ubuntu Security Notice USN-2680-1
Posted Jul 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2680-1 - A flaw was discovered in the user space memory copying for the pipe iovecs in the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. A flaw was discovered in the kvm (kernel virtual machine) subsystem's kvm_apic_has_events function. A unprivileged local user could exploit this flaw to cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1805, CVE-2015-4692, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366
SHA-256 | 9f8c52cb857d1bf6c9403fdeb6ee3ffa2190d244d316b7b2e938a8957adf6f3b
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close