VDB

CVE-2015-7799

CVE-2015-7799 PUBLISHED

The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.

EPSS 0.10% · 26.5th percentile

Risk Scores

EPSS Score
0.10%
26.5th percentile

Affected Products

VendorProductVersions
Ubuntu:14.04:LTSlinux-lts-wily4.2.0-19.23~14.04.1, 4.2.0-18.22~14.04.1, 0
Ubuntu:14.04:LTSlinux-lts-utopic3.16.0-28.38~14.04.1, 3.16.0-29.39~14.04.1, 3.16.0-30.40~14.04.1
Ubuntu:14.04:LTSlinux3.13.0-29.53, 3.13.0-30.54, 3.13.0-33.58
Ubuntu:14.04:LTSlinux-lts-vivid3.19.0-22.22~14.04.1, 0, 3.19.0-23.24~14.04.1

Timeline

  • Oct 19, 2015 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 3, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 17, 2022 EPSS Score
  • Feb 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 1, 2023 EPSS Score
  • May 24, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›