6.2

CVE-2015-8767

net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.3
DebianDebian Linux Version7.0
DebianDebian Linux Version8.0
CanonicalUbuntu Linux Version12.04 SwEditionlts
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version15.10
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.39% 0.307
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.2 2.5 3.6
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
Third Party Advisory
Mailing List
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Third Party Advisory
http://www.ubuntu.com/usn/USN-2967-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2967-2
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0715.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html
Third Party Advisory
Mailing List
http://www.ubuntu.com/usn/USN-2932-1
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html
Third Party Advisory
Mailing List
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html
Third Party Advisory
http://www.debian.org/security/2016/dsa-3448
Third Party Advisory
http://www.debian.org/security/2016/dsa-3503
Third Party Advisory
http://www.ubuntu.com/usn/USN-2931-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2930-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2930-2
Third Party Advisory
http://www.ubuntu.com/usn/USN-2930-3
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=635682a14427d241bab7bbdeebb48a7d7b91638e
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2016/01/11/4
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/80268
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2016:1277
Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1301
Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1341
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1297389
Third Party Advisory
Issue Tracking
https://github.com/torvalds/linux/commit/635682a14427d241bab7bbdeebb48a7d7b91638e
Patch
Third Party Advisory