Lucene search

K
ubuntucveUbuntu.comUB:CVE-2015-6937
HistorySep 14, 2015 - 12:00 a.m.

CVE-2015-6937

2015-09-1400:00:00
ubuntu.com
ubuntu.com
26

CVSS2

5.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:P/I:P/A:C

CVSS3

5.8

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

EPSS

0

Percentile

10.1%

The __rds_conn_create function in net/rds/connection.c in the Linux kernel
through 4.2.3 allows local users to cause a denial of service (NULL pointer
dereference and system crash) or possibly have unspecified other impact by
using a socket that was not properly bound.

Bugs

Notes

Author Note
jdstrand android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support
sbeattie fix is incomplete, see CVE-2015-7990
OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchlinux< 3.2.0-92.130UNKNOWN
ubuntu14.04noarchlinux< 3.13.0-66.108UNKNOWN
ubuntu15.04noarchlinux< 3.19.0-31.36UNKNOWN
ubuntu12.04noarchlinux-armadaxp< 3.2.0-1657.79UNKNOWN
ubuntu12.04noarchlinux-lts-trusty< 3.13.0-66.108~precise1UNKNOWN
ubuntu14.04noarchlinux-lts-utopic< 3.16.0-51.69~14.04.1UNKNOWN
ubuntu14.04noarchlinux-lts-vivid< 3.19.0-31.36~14.04.1UNKNOWN
ubuntu12.04noarchlinux-ti-omap4< 3.2.0-1472.93UNKNOWN

CVSS2

5.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:P/I:P/A:C

CVSS3

5.8

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

EPSS

0

Percentile

10.1%