NVD

Id
28368  
Name
CVE-2015-8019  
Description
The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call.  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2016-05-02  
Modified Date
2016-11-28  
Seq
2015-8019  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
149129 28368 CVE-2015-8019 SUSE-SU-2016:1961  View
149130 28368 CVE-2015-8019 SUSE-SU-2016:1994  View
149131 28368 CVE-2015-8019 SUSE-SU-2016:1995  View
149132 28368 CVE-2015-8019 SUSE-SU-2016:2005  View
149133 28368 CVE-2015-8019 SUSE-SU-2016:2009  View
149134 28368 CVE-2015-8019 http://patchwork.ozlabs.org/patch/530642/  View
149135 28368 CVE-2015-8019 [oss-security] 20151027 CVE Request: Linux kernel: Buffer overflow when copying data from skbuff to userspace  View
149136 28368 CVE-2015-8019 77326  View
149137 28368 CVE-2015-8019 https://bugzilla.redhat.com/show_bug.cgi?id=1276588  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
11809 JVNDB-2015-007129 Linux Kernel の net/core/datagram.c の skb_copy_and_csum_datagram_iovec 関数におけるサービス運用妨害 (DoS) の脆弱性 Linux Kernel の net/core/datagram.c の skb_copy_and_csum_datagram_iovec 関数は、length 引数を受け取らないため、サービス運用妨害 (メモリ破損) 状態にされるなど、不特定の影響を受ける脆弱性が存在します。 CVE-2015-8019 85244 CVE-2015-8019 28368 7.2 7.8 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-007129.html 2015-10-30 2016-05-11 View