CVE-2015-8785

Published: Feb 8, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1290642

x_refsource_CONFIRM

https://github.com/torvalds/linux/commit/3ca8138f014a913f98e6ef40e939868e1e9ea876

x_refsource_CONFIRM

USN-2886-1

vendor-advisory

x_refsource_UBUNTU

DSA-3503

vendor-advisory

x_refsource_DEBIAN

81688

vdb-entry

x_refsource_BID

SUSE-SU-2016:1764

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:1102

vendor-advisory

x_refsource_SUSE

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ca8138f014a913f98e6ef40e939868e1e9ea876

x_refsource_CONFIRM

SUSE-SU-2016:2074

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

x_refsource_CONFIRM

[oss-security] 20160124 CVE Request: Linux: fuse: possible denial of service in fuse_fill_write_pages()

mailing-list

x_refsource_MLIST

openSUSE-SU-2016:1008

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:0911

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-8785

Description

Affected Products

References