Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-5283

Опубликовано: 19 окт. 2015
Источник: debian
EPSS Низкий

Описание

The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed4.2.1-2package
linuxfixed3.16.7-ckt11-1+deb8u5jessiepackage
linuxnot-affectedwheezypackage
linux-2.6not-affectedpackage

Примечания

  • Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4 (v4.3-rc3)

  • Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4db67e808640e3934d82ce61ee8e2e89fd877ba8 (v3.7-rc1)

EPSS

Процентиль: 31%
0.00114
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2015-5283

ubuntu
больше 9 лет назад

The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished.

redhat логотип

CVE-2015-5283

redhat
больше 9 лет назад

The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished.

nvd логотип

CVE-2015-5283

nvd
больше 9 лет назад

The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished.

github логотип

GHSA-3v9v-m657-f3rh

github
около 3 лет назад

The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished.

oracle-oval логотип

ELSA-2015-3101

oracle-oval
больше 9 лет назад

ELSA-2015-3101: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 31%
0.00114
Низкий
Уязвимость CVE-2015-5283