Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 441
Alerts This Week
Warning Icon 1 441

Debian: DSA-3329-1 Critical: Kernel Flaws Cause Service Outages

debian
Calendar Grey August 7, 2015
Debian Logo
- ------------------------------------------------------------------------- Debian Security Advisory
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak

Summary

CVE-2015-1333

Colin Ian King discovered a flaw in the add_key function of the
Linux kernel's keyring subsystem. A local user can exploit this flaw
to cause a denial of service due to memory exhaustion.

CVE-2015-3212

Ji Jianwen of Red Hat Engineering discovered a flaw in the handling
of the SCTPs automatic handling of dynamic multi-homed connections.
A local attacker could use this flaw to cause a crash or potentially
for privilege escalation.

CVE-2015-4692

A NULL pointer dereference flaw was found in the
kvm_apic_has_events function in the KVM subsystem. A unprivileged
local user could exploit this flaw to crash the system kernel
resulting in denial of service.

CVE-2015-4700

Daniel Borkmann discovered a flaw in the Linux kernel implementation
of the Berkeley Packet Filter which can be used by a local user to
crash the system.

CVE-2015-5364

It was discovered that the Linux kernel does not properly handle
invalid UDP checksums. A remote atta...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: linux
CVE ID: CVE-2015-1333 CVE-2015-3212 CVE-2015-4692 CVE-2015-4700

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.