http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ea3d7209ca01da209cda6f0dea8be9cc4b7a933b

[oss-security] 20160401 Re: ext4 data corruption due to punch hole races

85798

1035455

USN-3005-1

USN-3006-1

USN-3007-1

RHSA-2017:1842

RHSA-2017:2077

RHSA-2017:2669

https://bugzilla.redhat.com/show_bug.cgi?id=1323577

https://github.com/torvalds/linux/commit/ea3d7209ca01da209cda6f0dea8be9cc4b7a933b

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - The function hso_get_config_data in     drivers/net/usb/hso.c in the Linux kernel through     4.19.8 reads if_num from the USB device (as a u8) and     uses it to index a small array, resulting in an object     out-of-bounds (OOB) read that potentially allows     arbitrary read in the kernel address     space.(CVE-2018-19985)

  - An industry-wide issue was found in the way many modern     microprocessor designs have implemented speculative     execution of instructions (a commonly used performance     optimization). There are three primary variants of the     issue which differ in the way the speculative execution     can be exploited. Variant CVE-2017-5754 relies on the     fact that, on impacted microprocessors, during     speculative execution of instruction permission faults,     exception generation triggered by a faulting access is     suppressed until the retirement of the whole     instruction block. In a combination with the fact that     memory accesses may populate the cache even when the     block is being dropped and never committed (executed),     an unprivileged local attacker could use this flaw to     read privileged (kernel space) memory by conducting     targeted cache side-channel attacks. Note:
    CVE-2017-5754 affects Intel x86-64 microprocessors. AMD     x86-64 microprocessors are not affected by this     issue.(CVE-2017-5754)

  - A non-privileged user is able to mount a fuse     filesystem on RHEL 6 or 7 and crash a system if an     application punches a hole in a file that does not end     aligned to a page boundary.(CVE-2017-15121)

  - A flaw was found in the Linux kernel when attempting to     'punch a hole' in files existing on an ext4 filesystem.
    When punching holes into a file races with the page     fault of the same area, it is possible that freed     blocks remain referenced from page cache pages mapped     to process' address space.(CVE-2015-8839)

  - An industry-wide issue was found in the way many modern     microprocessor designs have implemented speculative     execution of instructions past bounds check. The flaw     relies on the presence of a precisely-defined     instruction sequence in the privileged code and the     fact that memory writes occur to an address which     depends on the untrusted value. Such writes cause an     update into the microprocessor's data cache even for     speculatively executed instructions that never actually     commit (retire). As a result, an unprivileged attacker     could use this flaw to influence speculative execution     and/or read privileged memory by conducting targeted     cache side-channel attacks.(CVE-2018-3693)

  - A Floating Point Unit (FPU) state information leakage     flaw was found in the way the Linux kernel saved and     restored the FPU state during task switch. Linux     kernels that follow the 'Lazy FPU Restore' scheme are     vulnerable to the FPU state information leakage issue.
    An unprivileged local attacker could use this flaw to     read FPU state bits by conducting targeted cache     side-channel attacks, similar to the Meltdown     vulnerability disclosed earlier this     year.(CVE-2018-3665)

  - A bug in the 32-bit compatibility layer of the ioctl     handling code of the v4l2 video driver in the Linux     kernel has been found. A memory protection mechanism     ensuring that user-provided buffers always point to a     userspace memory were disabled, allowing destination     address to be in a kernel space. This flaw could be     exploited by an attacker to overwrite a kernel memory     from an unprivileged userspace process, leading to     privilege escalation.(CVE-2017-13166)

  - It was found that the raw midi kernel driver does not     protect against concurrent access which leads to a     double realloc (double free) in     snd_rawmidi_input_params() and     snd_rawmidi_output_status() which are part of     snd_rawmidi_ioctl() handler in rawmidi.c file. A     malicious local attacker could possibly use this for     privilege escalation.(CVE-2018-10902)

  - A flaw was found in the Linux kernel's implementation     of valid_master_desc() in which a memory buffer would     be compared to a userspace value with an incorrect size     of comparison. By bruteforcing the comparison, an     attacker could determine what was in memory after the     description and possibly obtain sensitive information     from kernel memory.(CVE-2017-13305)

  - A flaw was found in the Linux kernel's ext4 filesystem.
    A local user can cause an out-of-bound write in in     fs/jbd2/transaction.c code, a denial of service, and a     system crash by unmounting a crafted ext4 filesystem     image.(CVE-2018-10882)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An update for kernel-rt is now available for Red Hat Enterprise MRG 2.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es) :

* A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotify_handle_event() and vfs_rename() while running the rename operation against the same file. As a result of the race the next slab data or the slab's free list pointer can be corrupted with attacker-controlled data, which may lead to the privilege escalation.
(CVE-2017-7533, Important)

* It was found that the NFSv4 server in the Linux kernel did not properly validate layout type when processing NFSv4 pNFS LAYOUTGET and GETDEVICEINFO operands. A remote attacker could use this flaw to soft-lockup the system and thus cause denial of service.
(CVE-2017-8797, Important)

This update also fixes multiple Moderate and Low impact security issues :

CVE-2017-8797 CVE-2015-8839 CVE-2016-9576 CVE-2016-7042 CVE-2016-7097 CVE-2016-8645 CVE-2016-9576 CVE-2016-9806 CVE-2016-10088 CVE-2017-2671 CVE-2017-5970 CVE-2017-6001 CVE-2017-6951 CVE-2017-7187 CVE-2017-7889 CVE-2017-8890 CVE-2017-9074 CVE-2017-8890 CVE-2017-9075 CVE-2017-8890 CVE-2017-9076 CVE-2017-8890 CVE-2017-9077 CVE-2016-9604 CVE-2016-9685

Documentation for these issues are available from the Technical Notes document linked to in the References section.

Red Hat would like to thank Leilei Lin (Alibaba Group), Fan Wu (The University of Hong Kong), and Shixiong Zhao (The University of Hong Kong) for reporting CVE-2017-7533 and Marco Grassi for reporting CVE-2016-8645. The CVE-2016-7042 issue was discovered by Ondrej Kozina (Red Hat); the CVE-2016-7097 issue was discovered by Andreas Gruenbacher (Red Hat) and Jan Kara (SUSE); the CVE-2016-9604 issue was discovered by David Howells (Red Hat); and the CVE-2016-9685 issue was discovered by Qian Cai (Red Hat).

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es) :

* An use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system.
(CVE-2016-10200, Important)

* A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.
(CVE-2017-2647, Important)

* It was found that the NFSv4 server in the Linux kernel did not properly validate layout type when processing NFSv4 pNFS LAYOUTGET and GETDEVICEINFO operands. A remote attacker could use this flaw to soft-lockup the system and thus cause denial of service.
(CVE-2017-8797, Important)

This update also fixes multiple Moderate and Low impact security issues :

* CVE-2015-8839, CVE-2015-8970, CVE-2016-9576, CVE-2016-7042, CVE-2016-7097, CVE-2016-8645, CVE-2016-9576, CVE-2016-9588, CVE-2016-9806, CVE-2016-10088, CVE-2016-10147, CVE-2017-2596, CVE-2017-2671, CVE-2017-5970, CVE-2017-6001, CVE-2017-6951, CVE-2017-7187, CVE-2017-7616, CVE-2017-7889, CVE-2017-8890, CVE-2017-9074, CVE-2017-8890, CVE-2017-9075, CVE-2017-8890, CVE-2017-9076, CVE-2017-8890, CVE-2017-9077, CVE-2017-9242, CVE-2014-7970, CVE-2014-7975, CVE-2016-6213, CVE-2016-9604, CVE-2016-9685

Documentation for these issues is available from the Release Notes document linked from the References section.

Red Hat would like to thank Igor Redko (Virtuozzo) and Andrey Ryabinin (Virtuozzo) for reporting CVE-2017-2647; Igor Redko (Virtuozzo) and Vasily Averin (Virtuozzo) for reporting CVE-2015-8970; Marco Grassi for reporting CVE-2016-8645; and Dmitry Vyukov (Google Inc.) for reporting CVE-2017-2596. The CVE-2016-7042 issue was discovered by Ondrej Kozina (Red Hat); the CVE-2016-7097 issue was discovered by Andreas Gruenbacher (Red Hat) and Jan Kara (SUSE); the CVE-2016-6213 and CVE-2016-9685 issues were discovered by Qian Cai (Red Hat); and the CVE-2016-9604 issue was discovered by David Howells (Red Hat).

Additional Changes :

For detailed information on other changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Security Fix(es) :

  - An use-after-free flaw was found in the Linux kernel     which enables a race condition in the L2TPv3 IP     Encapsulation feature. A local user could use this flaw     to escalate their privileges or crash the system.
    (CVE-2016-10200, Important)

  - A flaw was found that can be triggered in     keyring_search_iterator in keyring.c if type->match is     NULL. A local user could use this flaw to crash the     system or, potentially, escalate their privileges.
    (CVE-2017-2647, Important)

  - It was found that the NFSv4 server in the Linux kernel     did not properly validate layout type when processing     NFSv4 pNFS LAYOUTGET and GETDEVICEINFO operands. A     remote attacker could use this flaw to soft- lockup the     system and thus cause denial of service. (CVE-2017-8797,     Important)

This update also fixes multiple Moderate and Low impact security issues :

  - CVE-2015-8839, CVE-2015-8970, CVE-2016-9576,     CVE-2016-7042, CVE-2016-7097, CVE-2016-8645,     CVE-2016-9576, CVE-2016-9588, CVE-2016-9806,     CVE-2016-10088, CVE-2016-10147, CVE-2017-2596,     CVE-2017-2671, CVE-2017-5970, CVE-2017-6001,     CVE-2017-6951, CVE-2017-7187, CVE-2017-7616,     CVE-2017-7889, CVE-2017-8890, CVE-2017-9074,     CVE-2017-8890, CVE-2017-9075, CVE-2017-8890,     CVE-2017-9076, CVE-2017-8890, CVE-2017-9077,     CVE-2017-9242, CVE-2014-7970, CVE-2014-7975,     CVE-2016-6213, CVE-2016-9604, CVE-2016-9685

From Red Hat Security Advisory 2017:1842 :

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es) :

* An use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system.
(CVE-2016-10200, Important)

* A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.
(CVE-2017-2647, Important)

* It was found that the NFSv4 server in the Linux kernel did not properly validate layout type when processing NFSv4 pNFS LAYOUTGET and GETDEVICEINFO operands. A remote attacker could use this flaw to soft-lockup the system and thus cause denial of service.
(CVE-2017-8797, Important)

This update also fixes multiple Moderate and Low impact security issues :

* CVE-2015-8839, CVE-2015-8970, CVE-2016-9576, CVE-2016-7042, CVE-2016-7097, CVE-2016-8645, CVE-2016-9576, CVE-2016-9588, CVE-2016-9806, CVE-2016-10088, CVE-2016-10147, CVE-2017-2596, CVE-2017-2671, CVE-2017-5970, CVE-2017-6001, CVE-2017-6951, CVE-2017-7187, CVE-2017-7616, CVE-2017-7889, CVE-2017-8890, CVE-2017-9074, CVE-2017-8890, CVE-2017-9075, CVE-2017-8890, CVE-2017-9076, CVE-2017-8890, CVE-2017-9077, CVE-2017-9242, CVE-2014-7970, CVE-2014-7975, CVE-2016-6213, CVE-2016-9604, CVE-2016-9685

Documentation for these issues is available from the Release Notes document linked from the References section.

Red Hat would like to thank Igor Redko (Virtuozzo) and Andrey Ryabinin (Virtuozzo) for reporting CVE-2017-2647; Igor Redko (Virtuozzo) and Vasily Averin (Virtuozzo) for reporting CVE-2015-8970; Marco Grassi for reporting CVE-2016-8645; and Dmitry Vyukov (Google Inc.) for reporting CVE-2017-2596. The CVE-2016-7042 issue was discovered by Ondrej Kozina (Red Hat); the CVE-2016-7097 issue was discovered by Andreas Gruenbacher (Red Hat) and Jan Kara (SUSE); the CVE-2016-6213 and CVE-2016-9685 issues were discovered by Qian Cai (Red Hat); and the CVE-2016-9604 issue was discovered by David Howells (Red Hat).

Additional Changes :

For detailed information on other changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - An issue was discovered in the size of the stack guard     page on Linux, specifically a 4k stack guard page is     not sufficiently large and can be 'jumped' over (the     stack guard page is bypassed), this affects Linux     Kernel versions 4.11.5 and earlier (the stackguard page     was introduced in 2010).(CVE-2017-1000364)

  - The make_response function in     drivers/block/xen-blkback/blkback.c in the Linux kernel     before 4.11.8 allows guest OS users to obtain sensitive     information from host OS (or other guest OS) kernel     memory by leveraging the copying of uninitialized     padding fields in Xen block-interface response     structures, aka XSA-216.(CVE-2017-10911)

  - Multiple race conditions in the ext4 filesystem     implementation in the Linux kernel before 4.5 allow     local users to cause a denial of service (disk     corruption) by writing to a page that is associated     with a different user's file after unsynchronized hole     punching and page-fault handling.(CVE-2015-8839)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es) :

* An use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system.
(CVE-2016-10200, Important)

* A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.
(CVE-2017-2647, Important)

* It was found that the NFSv4 server in the Linux kernel did not properly validate layout type when processing NFSv4 pNFS LAYOUTGET and GETDEVICEINFO operands. A remote attacker could use this flaw to soft-lockup the system and thus cause denial of service.
(CVE-2017-8797, Important)

This update also fixes multiple Moderate and Low impact security issues :

* CVE-2015-8839, CVE-2015-8970, CVE-2016-9576, CVE-2016-7042, CVE-2016-7097, CVE-2016-8645, CVE-2016-9576, CVE-2016-9588, CVE-2016-9806, CVE-2016-10088, CVE-2016-10147, CVE-2017-2596, CVE-2017-2671, CVE-2017-5970, CVE-2017-6001, CVE-2017-6951, CVE-2017-7187, CVE-2017-7616, CVE-2017-7889, CVE-2017-8890, CVE-2017-9074, CVE-2017-8890, CVE-2017-9075, CVE-2017-8890, CVE-2017-9076, CVE-2017-8890, CVE-2017-9077, CVE-2017-9242, CVE-2014-7970, CVE-2014-7975, CVE-2016-6213, CVE-2016-9604, CVE-2016-9685

Documentation for these issues is available from the Release Notes document linked from the References section.

Red Hat would like to thank Igor Redko (Virtuozzo) and Andrey Ryabinin (Virtuozzo) for reporting CVE-2017-2647; Igor Redko (Virtuozzo) and Vasily Averin (Virtuozzo) for reporting CVE-2015-8970; Marco Grassi for reporting CVE-2016-8645; and Dmitry Vyukov (Google Inc.) for reporting CVE-2017-2596. The CVE-2016-7042 issue was discovered by Ondrej Kozina (Red Hat); the CVE-2016-7097 issue was discovered by Andreas Gruenbacher (Red Hat) and Jan Kara (SUSE); the CVE-2016-6213 and CVE-2016-9685 issues were discovered by Qian Cai (Red Hat); and the CVE-2016-9604 issue was discovered by David Howells (Red Hat).

Additional Changes :

For detailed information on other changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-2117)

Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-1583)

Multiple race conditions where discovered in the Linux kernel's ext4 file system. A local user could exploit this flaw to cause a denial of service (disk corruption) by writing to a page that is associated with a different users file after unsynchronized hole punching and page-fault handling. (CVE-2015-8839)

Ralf Spenneberg discovered that the Linux kernel's GTCO digitizer USB device driver did not properly validate endpoint descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-2187)

Vitaly Kuznetsov discovered that the Linux kernel did not properly suppress hugetlbfs support in X86 paravirtualized guests. An attacker in the guest OS could cause a denial of service (guest system crash).
(CVE-2016-3961)

Kangjie Lu discovered an information leak in the ANSI/IEEE 802.2 LLC type 2 Support implementations in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-4485)

Kangjie Lu discovered an information leak in the routing netlink socket interface (rtnetlink) implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-4486)

Jann Horn discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel could overflow reference counters on systems with more than 32GB of physical ram and with RLIMIT_MEMLOCK set to infinite. A local unprivileged attacker could use to create a use-after- free situation, causing a denial of service (system crash) or possibly gain administrative privileges. (CVE-2016-4558)

Jann Horn discovered that the InfiniBand interfaces within the Linux kernel could be coerced into overwriting kernel memory. A local unprivileged attacker could use this to possibly gain administrative privileges on systems where InifiniBand related kernel modules are loaded. (CVE-2016-4565)

It was discovered that in some situations the Linux kernel did not handle propagated mounts correctly. A local unprivileged attacker could use this to cause a denial of service (system crash).
(CVE-2016-4581).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The Linux kernel did not properly suppress hugetlbfs support in x86 PV guests, which could allow local PV guest users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area. (CVE-2016-3961 / XSA-174)

A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate their privileges on the system. (CVE-2016-0758)

Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service (disk corruption) by writing to a page that is associated with a different user's file after unsynchronized hole punching and page-fault handling. (CVE-2015-8839)

The following flaws were also fixed in this version :

CVE-2016-4557 : Use after free vulnerability via double fdput

CVE-2016-4581 : Slave being first propagated copy causes oops in propagate_mnt

CVE-2016-4486 : Information leak in rtnetlink

CVE-2016-4485 : Information leak in llc module

CVE-2016-4558 : bpf: refcnt overflow

CVE-2016-4565 : infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko

CVE-2016-0758 : tags with indefinite length can corrupt pointers in asn1_find_indefinite_length()

CVE-2015-8839 : ext4 filesystem page fault race condition with fallocate call.

The 4.4.8 update contains a number of important fixes across the tree
---- The 4.4.7 update contains a number of important fixes across the tree

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The 4.4.7 update contains a number of important fixes across the kernel tree

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
124835	EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1514)	Nessus	Huawei Local Security Checks	medium
103046	RHEL 6 : MRG (RHSA-2017:2669)	Nessus	Red Hat Local Security Checks	high
102734	CentOS 7 : kernel (CESA-2017:1842) (Stack Clash)	Nessus	CentOS Local Security Checks	high
102645	Scientific Linux Security Update : kernel on SL7.x x86_64 (20170801)	Nessus	Scientific Linux Local Security Checks	high
102281	Oracle Linux 7 : kernel (ELSA-2017-1842) (Stack Clash)	Nessus	Oracle Linux Local Security Checks	high
102242	EulerOS 2.0 SP2 : kernel (EulerOS-SA-2017-1155)	Nessus	Huawei Local Security Checks	medium
102241	EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1154)	Nessus	Huawei Local Security Checks	medium
102151	RHEL 7 : kernel-rt (RHSA-2017:2077)	Nessus	Red Hat Local Security Checks	high
102143	RHEL 7 : kernel (RHSA-2017:1842) (Stack Clash)	Nessus	Red Hat Local Security Checks	high
91569	Ubuntu 16.04 LTS : linux-raspi2 vulnerabilities (USN-3007-1)	Nessus	Ubuntu Local Security Checks	high
91568	Ubuntu 16.04 LTS : linux vulnerabilities (USN-3006-1)	Nessus	Ubuntu Local Security Checks	high
91567	Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3005-1)	Nessus	Ubuntu Local Security Checks	high
91241	Amazon Linux AMI : kernel (ALAS-2016-703)	Nessus	Amazon Linux Local Security Checks	high
90952	Fedora 22 : kernel-4.4.8-200.fc22 (2016-373c063e79)	Nessus	Fedora Local Security Checks	critical
90656	Fedora 23 : kernel-4.4.7-300.fc23 (2016-8e858f96b8)	Nessus	Fedora Local Security Checks	medium

CVE-2015-8839

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins