CVE-2015-7799

MEDIUM

Description

The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.

References

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html

http://www.debian.org/security/2015/dsa-3426

http://www.openwall.com/lists/oss-security/2015/10/10/3

http://www.securityfocus.com/bid/77033

http://www.securitytracker.com/id/1033809

http://www.ubuntu.com/usn/USN-2841-1

http://www.ubuntu.com/usn/USN-2841-2

http://www.ubuntu.com/usn/USN-2842-1

http://www.ubuntu.com/usn/USN-2842-2

http://www.ubuntu.com/usn/USN-2843-1

http://www.ubuntu.com/usn/USN-2843-2

http://www.ubuntu.com/usn/USN-2843-3

http://www.ubuntu.com/usn/USN-2844-1

http://www.ubuntu.com/usn/USN-2886-1

https://bugzilla.redhat.com/show_bug.cgi?id=1271134

https://code.google.com/p/android/issues/detail?id=187973

Details

Source: MITRE

Published: 2015-10-19

Updated: 2017-03-24

Type: NVD-CWE-Other

Risk Information

CVSS v2.0

Base Score: 4.9

Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:C)

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

Tenable Plugins

View all (28 total)

ID	Name	Product	Family	Severity
124812	EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1488)	Nessus	Huawei Local Security Checks	high
124798	EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1474)	Nessus	Huawei Local Security Checks	high
93679	OracleVM 3.4 : Unbreakable / etc (OVMSA-2016-0100)	Nessus	OracleVM Local Security Checks	critical
93289	SUSE SLES11 Security Update : kernel (SUSE-SU-2016:2074-1)	Nessus	SuSE Local Security Checks	critical
93148	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3596)	Nessus	Oracle Linux Local Security Checks	critical
92679	Debian DSA-3426-1 : Linux Security Update	Nessus	Debian Local Security Checks	medium
90884	SUSE SLES11 Security Update : kernel (SUSE-SU-2016:1203-1)	Nessus	SuSE Local Security Checks	critical
90482	openSUSE Security Update : the Linux Kernel (openSUSE-2016-445)	Nessus	SuSE Local Security Checks	critical
89459	Fedora 21 : kernel-4.1.13-100.fc21 (2015-f2c534bc12)	Nessus	Fedora Local Security Checks	medium
89412	Fedora 22 : kernel-4.2.6-200.fc22 (2015-cd94ad8d7c)	Nessus	Fedora Local Security Checks	medium
89149	Fedora 23 : kernel-4.2.6-300.fc23 (2015-115c302856)	Nessus	Fedora Local Security Checks	medium
89022	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:0585-1)	Nessus	SuSE Local Security Checks	high
88605	openSUSE Security Update : the Linux Kernel (openSUSE-2016-136)	Nessus	SuSE Local Security Checks	high
88545	openSUSE Security Update : the Linux Kernel (openSUSE-2016-124)	Nessus	SuSE Local Security Checks	critical
88518	Ubuntu 12.04 LTS : linux vulnerabilities (USN-2886-1)	Nessus	Ubuntu Local Security Checks	medium
87651	SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2015:2339-1)	Nessus	SuSE Local Security Checks	high
87498	Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2843-3)	Nessus	Ubuntu Local Security Checks	medium
87497	Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2843-2)	Nessus	Ubuntu Local Security Checks	medium
87495	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2015:2292-1)	Nessus	SuSE Local Security Checks	medium
87471	Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2844-1)	Nessus	Ubuntu Local Security Checks	medium
87470	Ubuntu 15.10 : linux vulnerabilities (USN-2843-1)	Nessus	Ubuntu Local Security Checks	medium
87469	Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2842-2)	Nessus	Ubuntu Local Security Checks	medium
87468	Ubuntu 15.04 : linux vulnerabilities (USN-2842-1)	Nessus	Ubuntu Local Security Checks	medium
87467	Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2841-2)	Nessus	Ubuntu Local Security Checks	medium
87466	Ubuntu 14.04 LTS : linux vulnerabilities (USN-2841-1)	Nessus	Ubuntu Local Security Checks	medium
87391	openSUSE Security Update : the Linux Kernel (openSUSE-2015-879)	Nessus	SuSE Local Security Checks	medium
87265	Debian DLA-360-1 : linux-2.6 security update	Nessus	Debian Local Security Checks	medium
87214	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2015:2194-1)	Nessus	SuSE Local Security Checks	medium