The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel prior to 4.0.6 provide inappropriate -EAGAIN return values, which allows remote malicious users to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
redhat enterprise linux server aus 6.5 |
Utopic Unicorn gets another gallop to leap security rainbow
Ubuntu has changed its mind on an end-of-life announcement, giving Version 14.10 one last kernel patch to cover off some big vulns. Usually, end-of-life means what it says: a version isn't going to get any more updates, and that was the status of Ubuntu 14.10 “Utopic Unicorn” (guys, it's time to rethink your naming conventions) after July 23. However, the outfit has decided it needs one last patch due to the severity of the bugs discussed here. The bugs are CVE-2015-4692, a KVM NULL-pointer ...