OVAL Reference oval:com.ubuntu.precise:def:20157990000

Oval Definition:

oval:com.ubuntu.precise:def:20157990000

Revision Date:	2015-12-28	Version:	1
Title:	CVE-2015-7990 on Ubuntu 12.04 LTS (precise) - low.
Description:	Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937. Sasha Levin discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel had a race condition when checking whether a socket was bound or not. A local attacker could use this to cause a denial of service (system crash).
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2015-7990
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND Package Information The 'linux' package in precise was vulnerable but has been fixed (note: '3.2.0-98.138'). OR The 'linux-armadaxp' package in precise was vulnerable but has been fixed (note: '3.2.0-1661.85'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'was needs-triage now end-of-life'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'end-of-life'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'was needs-triage now end-of-life'). OR The 'linux-lts-trusty' package in precise was vulnerable but has been fixed (note: '3.13.0-77.121~precise1'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR The 'linux-ti-omap4' package in precise was vulnerable but has been fixed (note: '3.2.0-1476.99').

BACK