Memory Corruption Vulnerability in skb_copy_and_csum_datagram_iovec Function

Memory Corruption Vulnerability in skb_copy_and_csum_datagram_iovec Function

CVE-2015-8019 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.