CVE-2015-3290

Опубликовано: 22 июл. 2015

Источник: redhat

CVSS2: 7.2

Описание

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform improperly relies on espfix64 during nested NMI processing, which allows local users to gain privileges by triggering an NMI within a certain instruction window.

A flaw was found in the way the Linux kernel's nested NMI handler and espfix64 functionalities interacted during NMI processing. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.

Отчет

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6 since they did not backport the nested NMI handler and espfix64 functionalities. This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2 since they did not backport the espfix64 functionality and also did not backport upstream commit e00b12e64be9a3 that allowed an unprivileged local user to re-enable NMIs from the NMI handler.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-435

https://bugzilla.redhat.com/show_bug.cgi?id=1243465kernel: x86: nested NMI handler and espfix64 interaction privilege escalation

7.2 High

CVSS2

Связанные уязвимости

CVE-2015-3290

ubuntu

больше 10 лет назад

CVE-2015-3290

nvd

больше 10 лет назад

CVE-2015-3290

debian

больше 10 лет назад

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_ ...

GHSA-v8jv-m5jm-jgfg

github

больше 3 лет назад

7.2 High

CVSS2