CVE-2015-6252
Ubuntu Security Notice USN-2751-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation.
La función vhost_dev_ioctl en drivers/vhost/vhost.c en el kernel de Linux en versiones anteriores a 4.1.5 permite a usuarios locales provocar una denegación de servicio (consumo de memoria) a través de una llamada VHOST_SET_LOG_FD ioctl que desencadena la asignación de un descriptor de fichero permanente.
It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service (system crash) or possibly execute code with administrative privileges. Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-08-17 CVE Reserved
- 2015-09-23 CVE Published
- 2024-08-06 CVE Updated
- 2025-06-13 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (19)
URL | Tag | Source |
---|---|---|
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5 | X_refsource_confirm | |
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.5 | X_refsource_confirm | |
http://www.openwall.com/lists/oss-security/2015/08/18/3 | Mailing List |
|
http://www.securityfocus.com/bid/76400 | Vdb Entry | |
http://www.securitytracker.com/id/1033666 | Vdb Entry | |
https://bugzilla.redhat.com/show_bug.cgi?id=1251839 | X_refsource_confirm | |
https://github.com/torvalds/linux/commit/7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html | 2017-11-04 | |
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html | 2017-11-04 | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html | 2017-11-04 | |
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html | 2017-11-04 | |
http://www.debian.org/security/2015/dsa-3364 | 2017-11-04 | |
http://www.ubuntu.com/usn/USN-2748-1 | 2017-11-04 | |
http://www.ubuntu.com/usn/USN-2749-1 | 2017-11-04 | |
http://www.ubuntu.com/usn/USN-2751-1 | 2017-11-04 | |
http://www.ubuntu.com/usn/USN-2752-1 | 2017-11-04 | |
http://www.ubuntu.com/usn/USN-2759-1 | 2017-11-04 | |
http://www.ubuntu.com/usn/USN-2760-1 | 2017-11-04 | |
http://www.ubuntu.com/usn/USN-2777-1 | 2017-11-04 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 4.1.4 Search vendor "Linux" for product "Linux Kernel" and version " <= 4.1.4" | - |
Affected
|