ALT-PU-2015-1928-1
Package kernel-image-std-def updated to version 3.14.56-alt0.M70P.1 for branch p7 in task 152231.
Closed vulnerabilities
Published: 2016-05-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8019
The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call.
Severity: HIGH (7.8)
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- SUSE-SU-2016:1961
- SUSE-SU-2016:1961
- SUSE-SU-2016:1994
- SUSE-SU-2016:1994
- SUSE-SU-2016:1995
- SUSE-SU-2016:1995
- SUSE-SU-2016:2005
- SUSE-SU-2016:2005
- SUSE-SU-2016:2009
- SUSE-SU-2016:2009
- http://patchwork.ozlabs.org/patch/530642/
- http://patchwork.ozlabs.org/patch/530642/
- [oss-security] 20151027 CVE Request: Linux kernel: Buffer overflow when copying data from skbuff to userspace
- [oss-security] 20151027 CVE Request: Linux kernel: Buffer overflow when copying data from skbuff to userspace
- 77326
- 77326
- https://bugzilla.redhat.com/show_bug.cgi?id=1276588
- https://bugzilla.redhat.com/show_bug.cgi?id=1276588