CVE-2015-6937

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 19-10-2015 12:59

Last modified: - 21-09-2022 08:44

Total changes: - 2

Description

The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.

Common Vulnerability Scoring System (CVSS)

AV:L/AC:L/Au:N/C:N/I:N/A:C

Low

Attack complexity

Local

Attack vector

High

Availability

None

Confidentiality

None

Integrity

Privileges required

Scope

User interaction

4.9

Base score

3.9

6.9

Exploitability score

Impact score

Verification logic

Reference

[oss-security] 20150914 CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c-Mailing List, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1263139
https://github.com/torvalds/linux/commit/74e98eb085889b0d2d4908f59f6e00026063014f
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
SUSE-SU-2016:2074-Mailing List, Third Party Advisory
76767-Third Party Advisory, VDB Entry
SUSE-SU-2016:0380-Mailing List, Third Party Advisory
SUSE-SU-2016:0386-Mailing List, Third Party Advisory
SUSE-SU-2016:0384-Mailing List, Third Party Advisory
SUSE-SU-2016:0337-Mailing List, Third Party Advisory
SUSE-SU-2016:0335-Mailing List, Third Party Advisory
SUSE-SU-2016:0387-Mailing List, Third Party Advisory
SUSE-SU-2016:0434-Mailing List, Third Party Advisory
SUSE-SU-2016:0381-Mailing List, Third Party Advisory
SUSE-SU-2016:0383-Mailing List, Third Party Advisory
SUSE-SU-2016:0354-Mailing List, Third Party Advisory
SUSE-SU-2015:2108-Mailing List, Third Party Advisory
1034453-Third Party Advisory, VDB Entry
SUSE-SU-2015:2339-Mailing List, Third Party Advisory
SUSE-SU-2015:2350-Mailing List, Third Party Advisory
USN-2777-1-Third Party Advisory
openSUSE-SU-2015:2232-Mailing List, Third Party Advisory
FEDORA-2015-16417-Third Party Advisory
USN-2773-1-Third Party Advisory
FEDORA-2015-16440-Third Party Advisory
USN-2774-1-Third Party Advisory
FEDORA-2015-16441-Third Party Advisory
SUSE-SU-2015:1727-Mailing List, Third Party Advisory
DSA-3364-Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

Keywords

CVE-2015-6937

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2015-6937

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures