{
  "threat_severity" : "Moderate",
  "public_date" : "2016-02-11T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: CXGB3: Logic bug in return code handling prematurely frees key structures causing Use after free or kernel panic.",
    "id" : "1303532",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1303532"
  },
  "cvss" : {
    "cvss_base_score" : "6.9",
    "cvss_scoring_vector" : "AV:L/AC:M/Au:N/C:C/I:C/A:C",
    "status" : "verified"
  },
  "cwe" : "CWE-416",
  "details" : [ "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.", "A use-after-free flaw was found in the CXGB3 kernel driver when the network was considered to be congested. The kernel incorrectly misinterpreted the congestion as an error condition and incorrectly freed or cleaned up the socket buffer (skb). When the device then sent the skb's queued data, these structures were referenced. A local attacker could use this flaw to panic the system (denial of service) or, with a local account, escalate their privileges." ],
  "statement" : "This issue affects the Linux kernels as shipped with Red Hat Enterprise Linux 5, 6 and 7 and Red Hat Enterprise MRG 2 and realtime kernels and may be addressed in a future update.\nThis has been rated as having Moderate security impact and is not currently\nplanned to be addressed in future updates in Red Hat Enterprise Linux 5 and 6 . For additional information, refer to the Red Hat Enterprise Linux Life Cycle:\nhttps://access.redhat.com/support/policy/updates/errata/.",
  "acknowledgement" : "This issue was discovered by Venkatesh Pottem (Red Hat Engineering).",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-11-03T00:00:00Z",
    "advisory" : "RHSA-2016:2584",
    "cpe" : "cpe:/a:redhat:rhel_extras_rt:7",
    "package" : "kernel-rt-0:3.10.0-514.rt56.420.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-11-03T00:00:00Z",
    "advisory" : "RHSA-2016:2574",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-0:3.10.0-514.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Will not fix",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Will not fix",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2015-8812\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-8812" ],
  "name" : "CVE-2015-8812",
  "csaw" : false
}