Linux Kernel '/scsi/sg. c' Integer Overflow Vulnerability (CVE-2015-5707)

Linux Kernel '/scsi/sg. c' Integer Overflow Vulnerability (CVE-2015-5707)
Linux Kernel '/scsi/sg. c' Integer Overflow Vulnerability (CVE-2015-5707)

Release date:
Updated on:

Affected Systems:

Linux kernel <= 3.3.5

Description:

Bugtraq id: 76145
CVE (CAN) ID: CVE-2015-5707

Linux Kernel is the Kernel of the Linux operating system.

Linux kernel has the integer overflow vulnerability in the implementation of start_req () function. Local attackers can exploit this vulnerability to cause the affected kernel to crash, resulting in DOS.

<* Source: Ben huchings (ben@decadent.org.uk)
*>

Suggestion:

Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:


Http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit? Id = fdc81f45e9f57858da6351836507fbcf1b7583ee
Http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit? Id = 451a2886b6bf90e2fbda-f7c46c655450fb96e81

How to install Kernel 4.0.2 on CentOS 7

How to install Linux Kernel 4.0 on CentOS 7

How to install Linux kernel 4.0 on Ubuntu/CentOS?

How to install Linux kernel 13.10 On Ubuntu 3.12

How to install the 3.16.7 CKT2 kernel in Ubuntu 14.10, Ubuntu 14.04, and its derivative versions

Linux Kernel: click here
Linux Kernel: click here

This article permanently updates the link address: