CVE-2015-5364 — Infinite Loop in Kernel
Severity
7.8HIGHNVD
NVD5.0OSV7.2OSV4.9
EPSS
21.2%
top 4.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 31
Latest updateMay 14
Description
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.
CVSS vector
AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9
Affected Packages4 packages
Also affects: Debian Linux 7.0, 8.0, Ubuntu Linux 12.04, 14.04, 15.04, Enterprise Linux 6.5
🔴Vulnerability Details
9GHSA▶
GHSA-xx3c-35rv-h773: The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4↗2022-05-14
GHSA▶
GHSA-2p7j-hg9j-vpj2: The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4↗2022-05-14
OSV▶
CVE-2015-5366: The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4↗2015-08-31
OSV▶
CVE-2015-5364: The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4↗2015-08-31
CVEList▶
CVE-2015-5364: The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4↗2015-08-31
📋Vendor Advisories
14Android▶
CVE-2015-5364: Android Security Bulletin 2016-09-01
CVE: CVE-2015-5364
Severity: HIGH
References: A-29507402
Upstream
kernel↗2016-09-01