** Changed in: linux-snapdragon (Ubuntu Precise)
Status: New => Invalid
** Changed in: linux-snapdragon (Ubuntu Precise)
Importance: Undecided => Medium
** Changed in: linux-snapdragon (Ubuntu Wily)
Status: New => Invalid
** Changed in: linux-snapdragon (Ubuntu Wily)
Importance: Undecided => Medium
** Changed in: linux-snapdragon (Ubuntu Xenial)
Status: New => Invalid
** Changed in: linux-snapdragon (Ubuntu Xenial)
Importance: Undecided => Medium
** Changed in: linux-snapdragon (Ubuntu Yakkety)
Status: New => Invalid
** Changed in: linux-snapdragon (Ubuntu Yakkety)
Importance: Undecided => Medium
** Changed in: linux-snapdragon (Ubuntu Trusty)
Status: New => Invalid
** Changed in: linux-snapdragon (Ubuntu Trusty)
Importance: Undecided => Medium
** Description changed:
- A flaw was found in the CXGB3 kernel driver when the network was
- considered congested. The kernel would incorrectly misinterpret the
- congestion as an error condition and incorrectly free/clean up the skb.
- When the device would then send the skb's queued, these structures would
- be referenced and may panic the system or allow an attacker to escalate
- privileges in a use-after-free scenario.
+ drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5
+ does not properly identify error conditions, which allows remote
+ attackers to execute arbitrary code or cause a denial of service (use-
+ after-free) via crafted packets.
Break-Fix: 04b5d028f50ff05a8f9ae049ee71f8fdfcf1f5de
67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1545029
Title:
CVE-2015-8812
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1545029/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
