Linux kernel vulnerabilities

2015-08-18T00:00:00
ID USN-2713-1
Type ubuntu
Reporter Ubuntu
Modified 2015-08-18T00:00:00

Description

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel’s SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2015-3212)

A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. (CVE-2015-5364)

A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker can cause a denial of service against applications that use epoll by injecting a single packet with an invalid checksum. (CVE-2015-5366)