CVE-2015-5156
EPSS 0.22%linux - security update
Published: 10/19/2015Modified: 4/28/2026
Description
The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.
Affected packages (3)
- Debian/linuxfrom 0, < 4.1.5-1
- Debian/linuxfrom 0, < 3.2.68-1+deb7u4
- Debian/linux-2.6from 0, < 2.6.32-48squeeze14