Vulnerability & Exploit Database

Displaying all 8 entries

Results for: CVE-2015-5283 Back to search

RHSA-2015:2411: kernel-rt security, bug fix, and enhancement update Vulnerability

  • Severity: 7
  • Published: October 19, 2015

The kernel-rt packages contain the Linux kernel, the core of any Linuxoperating system.Red Hat would like to thank Linn Crosetto of HP for reporting theCVE-2015-7837 issue. The CVE-2015-5283 issue was discovered by Ji Jianwenfrom Red Hat engineering.The kernel-rt packages have been upgraded to version 3.10.0-326.rt56.204,which provides a...

F5 Networks: K37510383 (CVE-2015-5283): Linux kernel SCTP vulnerability CVE-2015-5283 Vulnerability

  • Severity: 5
  • Published: October 19, 2015

The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished.

SUSE: CVE-2015-5283: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: October 13, 2015

The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished.

DSA-3372-1 linux -- security update Vulnerability

  • Severity: 7
  • Published: October 13, 2015

Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.

ELSA-2015-2152 Important: Oracle Linux kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 10
  • Published: March 16, 2015

Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.