Published: 08/02/2016 Updated: 30/08/2018

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.2 | Impact Score: 3.6 | Exploitability Score: 2.5

VMScore: 437

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

net/sctp/sm_sideeffect.c in the Linux kernel prior to 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
debian debian linux 7.0
debian debian linux 8.0
canonical ubuntu linux 12.04
canonical ubuntu linux 14.04
canonical ubuntu linux 15.10

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial-of-service CVE-2013-4312 Tetsuo Handa discovered that it is possible for a process to open far more files than the process' limit leading to denial-of-service conditions CVE-2015-7566 Ralf Spenneberg of OpenSource Se ...

The Linux kernel before 441 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unixc and net/unix/garbagec (CVE-2013-4312) A race condition in the tty_ioctl function in drivers/tty/tty_ioc in the Linux ke ...

A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a denial of service ...

Several security issues were fixed in the kernel ...

CWE-362 https://github.com/torvalds/linux/commit/635682a14427d241bab7bbdeebb48a7d7b91638e http://www.openwall.com/lists/oss-security/2016/01/11/4 https://bugzilla.redhat.com/show_bug.cgi?id=1297389 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=635682a14427d241bab7bbdeebb48a7d7b91638e https://access.redhat.com/errata/RHSA-2016:1341 https://access.redhat.com/errata/RHSA-2016:1277 https://access.redhat.com/errata/RHSA-2016:1301 http://rhn.redhat.com/errata/RHSA-2016-0715.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.securityfocus.com/bid/80268 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html http://www.debian.org/security/2016/dsa-3503 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html http://www.ubuntu.com/usn/USN-2967-1 http://www.ubuntu.com/usn/USN-2967-2 http://www.ubuntu.com/usn/USN-2930-1 http://www.ubuntu.com/usn/USN-2931-1 http://www.ubuntu.com/usn/USN-2932-1 http://www.ubuntu.com/usn/USN-2930-3 http://www.ubuntu.com/usn/USN-2930-2 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html http://www.debian.org/security/2016/dsa-3448 https://nvd.nist.gov https://www.debian.org/security/./dsa-3448 https://usn.ubuntu.com/3083-2/

CVE-2015-8767

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect