Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-2666

Опубликовано: 27 мая 2015
Источник: debian
EPSS Низкий

Описание

Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed3.16.7-ckt9-1package
linuxnot-affectedwheezypackage
linux-2.6not-affectedpackage

Примечания

  • Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ec400ddeff200b068ddc6c70f7321f49ecf32ed5 (v3.9-rc1)

  • Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4 (v4.0-rc1)

  • https://www.openwall.com/lists/oss-security/2015/03/18/7

EPSS

Процентиль: 29%
0.00103
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2015-2666

ubuntu
около 10 лет назад

Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd.

redhat логотип

CVE-2015-2666

redhat
больше 10 лет назад

Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd.

nvd логотип

CVE-2015-2666

nvd
около 10 лет назад

Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd.

github логотип

GHSA-rwf8-4gv4-8fmw

github
около 3 лет назад

Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd.

oracle-oval логотип

ELSA-2015-1534

oracle-oval
около 10 лет назад

ELSA-2015-1534: kernel security and bug fix update (MODERATE)

EPSS

Процентиль: 29%
0.00103
Низкий