** Description changed: - [virt-io max-skb-frags heap overflow] + The virtnet_probe function in drivers/net/virtio_net.c in the Linux + kernel before 4.2 attempts to support a FRAGLIST feature without proper + memory allocation, which allows guest OS users to cause a denial of + service (buffer overflow and memory corruption) via a crafted sequence + of fragmented packets. Break-Fix: - 48900cb6af4282fa0fb6ff4d72a81aa3dadb5c39
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1484793 Title: CVE-2015-5156 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1484793/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
