The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel prior to 4.0.6 do not properly consider yielding a processor, which allows remote malicious users to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
redhat enterprise linux server aus 6.5 |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |
||
canonical ubuntu linux 15.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 12.04 |
Utopic Unicorn gets another gallop to leap security rainbow
Ubuntu has changed its mind on an end-of-life announcement, giving Version 14.10 one last kernel patch to cover off some big vulns. Usually, end-of-life means what it says: a version isn't going to get any more updates, and that was the status of Ubuntu 14.10 “Utopic Unicorn” (guys, it's time to rethink your naming conventions) after July 23. However, the outfit has decided it needs one last patch due to the severity of the bugs discussed here. The bugs are CVE-2015-4692, a KVM NULL-pointer ...