The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364. (CVE-2015-5366)
Impact
An unprivileged user can use this flaw to cause a denial of service (DoS) on a remote system, limited to the affected application, by sending specially crafted User Datagram Protocol (UDP) packets.
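An application-side hardening for the EPOLLET read outage described above, as an added example (not kernel code and not part of the original advisory): the reader drains the socket on every edge and also on a periodic timeout, so a premature -EAGAIN cannot leave queued datagrams unread indefinitely. The names drain, wait_and_drain and demo and the 100 ms sweep interval are assumptions, and the demo uses an AF_UNIX datagram socketpair as a constructed stand-in for a UDP socket so that it runs offline; the fix itself remains a kernel at 4.0.6 or later.

```c
/* Added example (not from the advisory): EPOLLET datagram reader that does not
   treat a single EAGAIN as proof the queue is empty. Names are hypothetical. */
#include <errno.h>
#include <stdio.h>
#include <sys/epoll.h>
#include <sys/socket.h>
#include <unistd.h>

/* Read until EAGAIN. Returns datagrams read, or -1 on a hard error. */
static int drain(int fd) {
    char buf[2048];
    int n = 0;
    for (;;) {
        ssize_t r = recv(fd, buf, sizeof buf, MSG_DONTWAIT);
        if (r >= 0) { n++; continue; }
        if (errno == EINTR) continue;
        return (errno == EAGAIN || errno == EWOULDBLOCK) ? n : -1;
    }
}

/* One loop turn: wait for an edge for at most sweep_ms, then drain whether an
   edge arrived or the wait timed out. The timeout sweep is what recovers
   datagrams left queued behind a premature EAGAIN on an affected kernel. */
static int wait_and_drain(int ep, int fd, int sweep_ms) {
    struct epoll_event ev;
    if (epoll_wait(ep, &ev, 1, sweep_ms) < 0 && errno != EINTR) return -1;
    return drain(fd);
}

/* Constructed demo: an AF_UNIX datagram pair stands in for the UDP socket. */
static int demo(int count) {
    int sv[2], got = 0, ep = epoll_create1(0);
    if (ep < 0 || socketpair(AF_UNIX, SOCK_DGRAM, 0, sv)) return -1;
    struct epoll_event ev = { .events = EPOLLIN | EPOLLET };
    if (epoll_ctl(ep, EPOLL_CTL_ADD, sv[1], &ev)) return -1;
    for (int i = 0; i < count; i++) send(sv[0], "x", 1, 0);
    for (int tries = 0; got < count && tries < 20; tries++) {
        int n = wait_and_drain(ep, sv[1], 100); /* 100 ms sweep: assumed value */
        if (n < 0) break;
        got += n;
    }
    close(ep); close(sv[0]); close(sv[1]);
    return got;
}

int main(void) { printf("drained %d datagrams\n", demo(3)); return 0; }
```

In a real service, pass the UDP socket to wait_and_drain and process each datagram inside drain; on a patched kernel the sweep simply finds nothing to read.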