Lucene search

K
ubuntucveUbuntu.comUB:CVE-2015-6937
HistorySep 14, 2015 - 12:00 a.m.

CVE-2015-6937

2015-09-1400:00:00
ubuntu.com
ubuntu.com
18

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

8.6%

The __rds_conn_create function in net/rds/connection.c in the Linux kernel
through 4.2.3 allows local users to cause a denial of service (NULL pointer
dereference and system crash) or possibly have unspecified other impact by
using a socket that was not properly bound.

Bugs

Notes

Author Note
jdstrand android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support
sbeattie fix is incomplete, see CVE-2015-7990
OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchlinux< 3.2.0-92.130UNKNOWN
ubuntu14.04noarchlinux< 3.13.0-66.108UNKNOWN
ubuntu15.04noarchlinux< 3.19.0-31.36UNKNOWN
ubuntu12.04noarchlinux-armadaxp< 3.2.0-1657.79UNKNOWN
ubuntu12.04noarchlinux-lts-trusty< 3.13.0-66.108~precise1UNKNOWN
ubuntu14.04noarchlinux-lts-utopic< 3.16.0-51.69~14.04.1UNKNOWN
ubuntu14.04noarchlinux-lts-vivid< 3.19.0-31.36~14.04.1UNKNOWN
ubuntu12.04noarchlinux-ti-omap4< 3.2.0-1472.93UNKNOWN

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

8.6%