Kernel Crash Vulnerability in Linux SLIP Driver

Kernel Crash Vulnerability in Linux SLIP Driver

CVE-2015-7799 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.