CVE-2015-1339

Published: Apr 27, 2016Modified: May 6, 2026

6.2

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.5 / Impact: 3.6

Source: NVD

Description

Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.

Affected (3)

Products: Linux: Linux Kernel · Novell: Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Real Time Extension

Linux

1 product

Linux Kernel

Novell

2 products

Suse Linux Enterprise Debuginfo

Suse Linux Enterprise Real Time Extension

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Up to 4.3.6

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Novell Suse Linux Enterprise Debuginfo	Version 11 sp4
Novell Suse Linux Enterprise Real Time Extension	Version 11 sp4

Related CWEs

CWE-399

References (16)

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c

Source: security@ubuntu.com

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html

Source: security@ubuntu.com

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html

Source: security@ubuntu.com

Third Party Advisory

http://www.openwall.com/lists/oss-security/2016/03/02/13

Source: security@ubuntu.com

Patch

https://bugzilla.novell.com/show_bug.cgi?id=969356

Source: security@ubuntu.com

Issue Tracking

https://bugzilla.redhat.com/show_bug.cgi?id=1314331

Source: security@ubuntu.com

Issue Tracking

https://github.com/torvalds/linux/commit/2c5816b4beccc8ba709144539f6fdd764f8fa49c

Source: security@ubuntu.com

PatchVendor Advisory

https://security-tracker.debian.org/tracker/CVE-2015-1339

Source: security@ubuntu.com

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c