udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.
The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 3.2 (including) | 3.2.76 (excluding) |
Linux_kernel | Linux | 3.3 (including) | 3.4.113 (excluding) |
Linux_kernel | Linux | 3.5 (including) | 3.10.103 (excluding) |
Linux_kernel | Linux | 3.11 (including) | 3.12.53 (excluding) |
Linux_kernel | Linux | 3.13 (including) | 3.14.77 (excluding) |
Linux_kernel | Linux | 3.15 (including) | 3.16.35 (excluding) |
Linux_kernel | Linux | 3.17 (including) | 3.18.45 (excluding) |
Linux_kernel | Linux | 3.19 (including) | 4.1.40 (excluding) |
Linux_kernel | Linux | 4.2 (including) | 4.4.21 (excluding) |