Published: 19/10/2015 Updated: 12/02/2023

CVSS v2 Base Score: 6.1 | Impact Score: 6.9 | Exploitability Score: 6.5

VMScore: 543

Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C

The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel prior to 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Debian Bug report logs - #796036 linux-image-3160-4-amd64: concurrent msync triggers NULL pointer dereference Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Reported by: Xavier Chantry <xavierchantry@interseccom> Date: Tue, 18 Aug 2015 18:09:01 UTC Severity: i ...

Several security issues were fixed in the kernel ...

A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO (Generic Receive Offload) functionality was enabled in a bridged network configuration An attacker on the local network could potentially use this flaw to crash the system, or, although unlikely, elevate their privileges on th ...

在之后的学习中会记录自己每天花在虚拟化上的时间，以下图勉励自己，希望自己可以追赶上别人的步伐写于20201214 虚拟化：32 hours 学习：64 hours Learning_Record 第一周 ( 2020629 - 202075 ) : STL(一) 弄完STL vector 补C++ 南大计算机基础第二周 ( 2020706 - 2020712 ) : STL(二) 弄完STL list tr

CWE-119 https://bugzilla.redhat.com/show_bug.cgi?id=1243852 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=48900cb6af4282fa0fb6ff4d72a81aa3dadb5c39 https://github.com/torvalds/linux/commit/48900cb6af4282fa0fb6ff4d72a81aa3dadb5c39 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://rhn.redhat.com/errata/RHSA-2016-0855.html http://www.securityfocus.com/bid/76230 http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169378.html http://rhn.redhat.com/errata/RHSA-2015-1978.html http://www.ubuntu.com/usn/USN-2777-1 http://www.securitytracker.com/id/1034045 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171454.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html http://www.ubuntu.com/usn/USN-2774-1 http://www.ubuntu.com/usn/USN-2773-1 http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html http://www.debian.org/security/2015/dsa-3364 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796036 https://nvd.nist.gov https://usn.ubuntu.com/2777-1/https://access.redhat.com/security/cve/cve-2015-5156

CVE-2015-5156

Vulnerability Summary

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect