** Changed in: linux (Ubuntu Wily)
Status: New => Fix Committed
** Changed in: linux (Ubuntu Trusty)
Status: New => Fix Committed
** Changed in: linux (Ubuntu Vivid)
Status: New => Fix Committed
** Description changed:
- [Incomplete fix for CVE-2015-6937, RDS socket handling]
+ Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the
+ Linux kernel before 4.3.3 allows local users to cause a denial of
+ service (NULL pointer dereference and system crash) or possibly have
+ unspecified other impact by using a socket that was not properly bound.
+ NOTE: this vulnerability exists because of an incomplete fix for
+ CVE-2015-6937.
Break-Fix: 74e98eb085889b0d2d4908f59f6e00026063014f
8c7188b23474cca017b3ef354c4a58456f68303a
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1510805
Title:
CVE-2015-7990
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1510805/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
