ALT-PU-2015-2067-1

Package update kernel-image-un-def in branch t7

Version4.1.13-alt0.M70P.1

Published2015-12-05

Max severityHIGH

Severity:

Closed issues (2)

HIGH7.8

The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.

Published: 2015-10-16Modified: 2025-04-12

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

MEDIUM6.1

The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.

Published: 2015-10-19Modified: 2025-04-12

CVSS 2.0MEDIUM 6.1

CVSS:2.0/AV:A/AC:L/Au:N/C:N/I:N/A:C

References

Closed bugs (1)

зависание на ядре 4.1.10-std-def