[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-6252Date: (C)2015-12-15   (M)2024-04-19


The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1033666
BID-76400
DSA-3364
SUSE-SU-2015:1727
SUSE-SU-2015:2108
SUSE-SU-2016:0354
SUSE-SU-2016:2074
USN-2748-1
USN-2749-1
USN-2751-1
USN-2752-1
USN-2759-1
USN-2760-1
USN-2777-1
http://www.openwall.com/lists/oss-security/2015/08/18/3
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.5
https://bugzilla.redhat.com/show_bug.cgi?id=1251839
https://github.com/torvalds/linux/commit/7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5

CPE    1
cpe:/o:linux:linux_kernel
CWE    1
CWE-399
OVAL    16
oval:org.secpod.oval:def:702762
oval:org.secpod.oval:def:702760
oval:org.secpod.oval:def:52583
oval:org.secpod.oval:def:52587
...

© SecPod Technologies