QwikSec

Security Database

CVE

CWE

Training

CVE-2015-8543

Published: Dec 28, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_SECTRACK

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2016:1102

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_BID

SUSE-SU-2016:2074

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9

x_refsource_CONFIRM

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

[oss-security] 20151209 Re: CVE request - Android kernel - IPv6 connect cause a denial of service

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

https://bugzilla.redhat.com/show_bug.cgi?id=1290475

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:0911

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.