CVE-2015-1573

CVSS v3.0 5.5 (Medium)

CVSS v2.0 4.9 (Medium)

EPSS 0.04 % (5^th)

Affected Products 1

Advisories 3

The nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability.

Weaknesses

CWE-19: Data Processing Errors

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2016-05-02 10:59:08
(8 years ago)
Updated Date: 2018-01-05 02:30:00
(6 years ago)

Affected Products

Linux

Linux Kernel

Configuration #1

		CPE23	From	Up To
	Linux Kernel 3.18.4 and prior versions	cpe:2.3:o:linux:linux_kernel		<= 3.18.4