Debian: DSA-3329-1 Critical: Kernel Flaws Cause Service Outages
debian
August 7, 2015
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak
Summary
CVE-2015-1333
Colin Ian King discovered a flaw in the add_key function of the
Linux kernel's keyring subsystem. A local user can exploit this flaw
to cause a denial of service due to memory exhaustion.
CVE-2015-3212
Ji Jianwen of Red Hat Engineering discovered a flaw in the handling
of the SCTPs automatic handling of dynamic multi-homed connections.
A local attacker could use this flaw to cause a crash or potentially
for privilege escalation.
CVE-2015-4692
A NULL pointer dereference flaw was found in the
kvm_apic_has_events function in the KVM subsystem. A unprivileged
local user could exploit this flaw to crash the system kernel
resulting in denial of service.
CVE-2015-4700
Daniel Borkmann discovered a flaw in the Linux kernel implementation
of the Berkeley Packet Filter which can be used by a local user to
crash the system.
CVE-2015-5364
It was discovered that the Linux kernel does not properly handle
invalid UDP checksums. A remote atta...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: linux
CVE ID: CVE-2015-1333 CVE-2015-3212 CVE-2015-4692 CVE-2015-4700
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!