Updated: 2023-12-06
CWE: Race Conditions
Description:
Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.
CVSS3: 5.8
| OS | Vendor version | Errata |
|---|---|---|
| Ubuntu 14.04 | 3.13.0-77.121 | USN-2887-1 |
| Debian 8 | 3.16.7-ckt11-1+deb8u6 | DSA-3396-1 |
| OS | Original kernel version | State |
|---|---|---|
| Ubuntu 14.04 |
3.13.0-53.88
show all
hide all
3.13.0-39.66
3.13.0-65.106
3.13.0-57.95
3.13.0-37.64
3.13.0-68.111
3.13.0-59.98
3.13.0-71.114
3.13.0-67.110
3.13.0-70.113
3.13.0-76.120
3.13.0-41.70
3.13.0-36.63
3.13.0-44.73
3.13.0-49.81
3.13.0-46.75
3.13.0-40.69
3.13.0-33.58
3.13.0-43.72
3.13.0-51.84
3.13.0-73.116
3.13.0-62.102
3.13.0-54.91
3.13.0-38.65
3.13.0-40.68
3.13.0-45.74
3.13.0-46.76
3.13.0-46.77
3.13.0-52.86
3.13.0-53.87
3.13.0-55.94
3.13.0-61.100
3.13.0-62.101
3.13.0-64.104
3.13.0-66.107
3.13.0-69.112
3.13.0-72.115
3.13.0-32.57
3.13.0-58.97
3.13.0-65.105
3.13.0-46.79
3.13.0-74.118
3.13.0-34.60
3.13.0-35.62
3.13.0-48.80
3.13.0-52.85
3.13.0-66.108
3.13.0-63.103
3.13.0-55.92
3.13.0-53.89
3.13.0-49.83
|
Released |
| Debian 8 |
3.16.7-ckt9-3~deb8u1
show all
hide all
3.16.7-ckt11-1+deb8u2
3.16.7-ckt11-1+deb8u3
3.16.7-ckt11-1+deb8u4
3.16.7-ckt11-1+deb8u5
3.16.7-ckt11-1+deb8u1
3.16.7-ckt11-1
|
Released |
| Debian 10 cloud | |
Will Not Fix |
| Debian 9 backports | |
Will Not Fix |