Buffer Overflow and Memory Corruption Vulnerability in Linux Kernel's virtnet_probe Function

Buffer Overflow and Memory Corruption Vulnerability in Linux Kernel's virtnet_probe Function

CVE-2015-5156 · MEDIUM Severity

AV:A/AC:L/AU:N/C:N/I:N/A:C

The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.