CVE

Id
79099  
CVE No.
CVE-2015-1822  
Status
Candidate  
Description
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.  
Phase
Assigned (20150217)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
720606 79099 CVE-2015-1822 MLIST:[chrony-announce] 20150407 chrony-1.31.1 released (security)  View
720607 79099 CVE-2015-1822 URL:http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html  View
720608 79099 CVE-2015-1822 CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html  View
720609 79099 CVE-2015-1822 DEBIAN:DSA-3222  View
720610 79099 CVE-2015-1822 URL:http://www.debian.org/security/2015/dsa-3222  View
720611 79099 CVE-2015-1822 BID:73956  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
6403 JVNDB-2015-001723 WordPress 用 Contact Form DB プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 WordPress 用 Contact Form DB (別名 CFDB and contact-form-7-to-database-extension) プラグインには、クロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2015-1874 79099 6.8 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-001723.html  View