Unrated severityNVD Advisory· Published May 27, 2015· Updated May 6, 2026
CVE-2015-3332
CVE-2015-3332
Description
A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds.
Affected products
19- cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*
- osv-coords17 versionspkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/kgraft-patch-SLE12_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012
< 3.12.43-52.6.1+ 16 more
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 3.12.43-52.6.2
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 3.12.43-52.6.2
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 3.12.43-52.6.1
- (no CPE)range: < 1-2.3
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5News mentions
0No linked articles in our index yet.