CVE-2015-9016

Опубликовано: 09 авг. 2015

Источник: redhat

CVSS3: 5.5

EPSS Низкий

Описание

In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-63083046.

A race condition was found in the block multi queue subsystem of the Linux kernel. This may lead to a kernel panic or have another unknown side affect.

Отчет

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-alt	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-362

https://bugzilla.redhat.com/show_bug.cgi?id=1544700kernel: Race condition in block/blk-mq.c:blk_mq_tag_to_rq() can lead to kernel oops

EPSS

Процентиль: 6%

0.00024

Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2015-9016

CVSS3: 7

ubuntu

почти 8 лет назад

CVE-2015-9016

CVSS3: 7

nvd

почти 8 лет назад

CVE-2015-9016

CVSS3: 7

debian

почти 8 лет назад

In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a pos ...

GHSA-6q4m-7h3g-6qjr

CVSS3: 7

github

больше 3 лет назад

EPSS

Процентиль: 6%

0.00024

Низкий

5.5 Medium

CVSS3