- Home
- CVEs with nessus.description==An+update+for+kernel+is+now+available+for+Red+Hat+Enterprise+Linux+6.5+Advanced+Update+Support.%0A%0ARed+Hat+Product+Security+has+rated+this+update+as+having+a+security+impact+of+Important.+A+Common+Vulnerability+Scoring+System+%28CVSS%29+base+score%2C+which+gives+a+detailed+severity+rating%2C+is+available+for+each+vulnerability+from+the+CVE+link%28s%29+in+the+References+section.%0A%0AThe+kernel+packages+contain+the+Linux+kernel%2C+the+core+of+any+Linux+operating+system.%0A%0ASecurity+Fix%28es%29+%3A%0A%0A%2A+Two+flaws+were+found+in+the+way+the+Linux+kernel%27s+networking+implementation+handled+UDP+packets+with+incorrect+checksum+values.+A+remote+attacker+could+potentially+use+these+flaws+to+trigger+an+infinite+loop+in+the+kernel%2C+resulting+in+a+denial+of+service+on+the+system%2C+or+cause+a+denial+of+service+in+applications+using+the+edge+triggered+epoll+functionality.+%28CVE-2015-5364%2C+CVE-2015-5366%2C+Important%29%0A%0ABug+Fix%28es%29+%3A%0A%0A%2A+At+a+process+or+thread+exit%2C+when+the+Linux+kernel+undoes+any+SysV+semaphore+operations+done+previously+%28ones+done+using+semop+with+the+SEM_UNDO+flag%29%2C+there+was+a+possible+race+condition+with+another+process+or+thread+removing+the+same+semaphore+set+where+the+operations+occurred%2C+leading+to+a+possible+use+of+in-kernel-freed+memory+and+then+to+possible+unpredictable+behavior.+This+bug+could+be+noticed+with+software+which+uses+IPC+SysV+semaphores%2C+such+as+IBM+DB2%2C+which+could+in+certain+cases+have+some+of+its+processes+or+utilities+get+incorrectly+stalled+in+an+IPC+semaphore+operation+or+system+call+after+the+race+condition+happened.+A+patch+has+been+provided+to+fix+this+bug%2C+and+the+kernel+now+behaves+as+expected+in+the+aforementioned+scenario.+%28BZ%231326343%29
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top