UBUNTU-CVE-2015-3332
Advisory lineage Upstream: 1 Downstream: 2
Upstream
Downstream
Published: 21 Apr 2015, 00:00
Last modified:22 Apr 2026, 10:07
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
21 Apr 2015, 00:00
Published
Vulnerability first disclosed
22 Apr 2026, 10:07
Last Modified
Vulnerability information updated
Description
A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds.
Affected Systems
- ubuntu•linux
< 3.13.0-53.89
- ubuntu•linux-lts-utopic
< 3.16.0-38.52~14.04.1
References (8)
- https://ubuntu.com/security/CVE-2015-3332
- http://www.openwall.com/lists/oss-security/2015/04/14/14
- http://thread.gmane.org/gmane.linux.network/359588
- https://ubuntu.com/security/notices/USN-2615-1
- https://ubuntu.com/security/notices/USN-2616-1
- https://ubuntu.com/security/notices/USN-2619-1
- https://ubuntu.com/security/notices/USN-2620-1
- https://www.cve.org/CVERecord?id=CVE-2015-3332