Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.7
CVSSv3

CVE-2015-4170

Published: 02/05/2016 Updated: 12/11/2017
CVSS v2 Base Score: 4.7 | Impact Score: 6.9 | Exploitability Score: 3.4
CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1
VMScore: 419
Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C
Subscribe to Linux

Vulnerability Summary

Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel prior to 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread during shutdown of a previous tty thread.

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

redhat enterprise linux for power little endian eus 7.1_ppc64le

redhat enterprise linux for power big endian eus 7.1_ppc64

redhat enterprise linux for ibm z systems eus 7.1_s390x

redhat enterprise linux compute node eus 7.1

redhat enterprise linux server eus 7.1

Vendor Advisories

Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues, address severalhundred bugs, and add numerous enhancements are now available as part ofthe ongoing support and maintenance of Red H ...
Red Hat: Important: kernel-rt security, bug fix, and enhancement update
Synopsis Important: kernel-rt security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix multiple security issues, several bugs,and add various enhancements are now available for Red Hat EnterpriseLinux 7Red Hat Product Security has rated ...
Red Hat: CVE-2015-4170
A flaw was discovered in the way the Linux kernel's TTY subsystem handled the tty shutdown phase A local, unprivileged user could use this flaw to cause denial of service on the system by holding a reference to the ldisc lock during tty shutdown, causing a deadlock ...

References

CWE-362http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cf872776fc84128bb779ce2b83a37c884c3203aehttps://bugzilla.redhat.com/show_bug.cgi?id=1218879http://www.openwall.com/lists/oss-security/2015/05/26/1https://github.com/torvalds/linux/commit/cf872776fc84128bb779ce2b83a37c884c3203aehttps://www.kernel.org/pub/linux/kernel/next/patch-v3.13-rc4-next-20131218.xzhttps://access.redhat.com/errata/RHSA-2016:1395http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlhttp://www.securityfocus.com/bid/74820https://access.redhat.com/errata/RHSA-2015:2152https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2015-4170
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744privilege escalationCVE-2024-30253CVE-2024-3914cross-site scriptingCVE-2024-31497CVE-2024-3400CVE-2024-32341hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook