1. Home
  2. Vulnerabilities
  3. CVE-2015-8785

CVE-2015-8785

CVSS v3.1 6.2 (Medium)
62% Progress
CVSS v2.0 4.9 (Medium)
49% Progress
EPSS 0.14 % (51th)
0.14% Progress
Affected Products 2
Advisories 18
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.

Weaknesses
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE Status
PUBLISHED
CNA
Debian GNU/Linux
Published Date
2016-02-08 03:59:07
(8 years ago)
Updated Date
2022-01-31 17:52:44
(2 years ago)

Affected Products

Linux

Suse

Configuration #1

    CPE23 From Up To
  Linux Kernel prior 4.4 version cpe:2.3:o:linux:linux_kernel < 4.4
  Linux Kernel 4.4 Rc1 cpe:2.3:o:linux:linux_kernel:4.4:rc1
  Linux Kernel 4.4 Rc2 cpe:2.3:o:linux:linux_kernel:4.4:rc2
  Linux Kernel 4.4 Rc3 cpe:2.3:o:linux:linux_kernel:4.4:rc3
  Linux Kernel 4.4 Rc4 cpe:2.3:o:linux:linux_kernel:4.4:rc4

Configuration #2

    CPE23 From Up To
  Suse Linux Enterprise Real Time Extension 12 SP1 cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp1