Linux Kernel 'vhost/vhost. c' Local Denial of Service Vulnerability (CVE-2015-6252)

Linux Kernel 'vhost/vhost. c' Local Denial of Service Vulnerability (CVE-2015-6252)
Linux Kernel 'vhost/vhost. c' Local Denial of Service Vulnerability (CVE-2015-6252)

Release date:
Updated on:

Affected Systems:

Linux kernel

Description:

Bugtraq id: 76400
CVE (CAN) ID: CVE-2015-6252

Linux Kernel is the Kernel of the Linux operating system.

When the Linux Kernel vhost driver executes the command VHOST_SET_LOG_FD ioctl, There is a vulnerability in processing the user space that provides log file descriptors. The file descriptor is never released and Kernel memory is continuously consumed, attackers with local privileges that can access/dev/vhost-net files can exploit this vulnerability to cause DoS attacks.

<* Source: Michael S. Tsirkin
*>

Suggestion:

Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Https://lkml.org/lkml/2015/8/10/375

How to install Kernel 4.0.2 on CentOS 7

How to install Linux Kernel 4.0 on CentOS 7

How to install Linux kernel 4.0 on Ubuntu/CentOS?

How to install Linux kernel 13.10 On Ubuntu 3.12

How to install the 3.16.7 CKT2 kernel in Ubuntu 14.10, Ubuntu 14.04, and its derivative versions

Linux Kernel: click here
Linux Kernel: click here

This article permanently updates the link address: