Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8324

Опубликовано: 02 мая 2016
Источник: debian

Описание

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the ext4_fill_super function.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed2.6.37-1package
linux-2.6removedpackage

Примечания

  • https://www.openwall.com/lists/oss-security/2015/11/23/2

  • https://bugs.openvz.org/browse/OVZ-6541

  • https://bugzilla.redhat.com/show_bug.cgi?id=1267261

  • Commit fixing the issue: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=744692dc059845b2a3022119871846e74d4f6e11 (v2.6.34-rc1)

Связанные уязвимости

ubuntu логотип

CVE-2015-8324

CVSS3: 4.6
ubuntu
около 9 лет назад

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the ext4_fill_super function.

redhat логотип

CVE-2015-8324

redhat
больше 9 лет назад

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the ext4_fill_super function.

nvd логотип

CVE-2015-8324

CVSS3: 4.6
nvd
около 9 лет назад

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the ext4_fill_super function.

github логотип

GHSA-f6x7-vppw-cjgq

CVSS3: 4.6
github
около 3 лет назад

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the ext4_fill_super function.

oracle-oval логотип

ELSA-2016-3567

oracle-oval
около 9 лет назад

ELSA-2016-3567: Unbreakable Enterprise kernel security update (IMPORTANT)