Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1288934 | Issue Tracking Third Party Advisory Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 00:55
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets. |
02 Feb 2023, 21:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CPE | cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:* | |
Summary | A race-condition flaw was discovered in the kernel's netlink module creation, which can trigger a kernel panic in netlink_release->module_put for local users creating netlink sockets. The flaw is specific to Red Hat Enterprise Linux and does not affect upstream kernels. The nfnetlink_log module must be loaded before the flaw can occur. |
Information
Published : 2017-09-14 16:29
Updated : 2023-12-10 12:15
NVD link : CVE-2015-7553
Mitre link : CVE-2015-7553
CVE.ORG link : CVE-2015-7553
JSON object : View
Products Affected
redhat
- kernel-rt
- enterprise_mrg
- enterprise_linux
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')