CVE-2015-7837

Published: 14 Oct 2015
Source: redhat
CVSS2: 1.9
EPSS: Low

Description

The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.

A flaw was found in the way the Linux kernel handled the securelevel functionality after performing a kexec operation. A local attacker could use this flaw to bypass the security mechanism of the securelevel/secureboot combination.

Report

This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 5 and 6. This issue affects the Linux kernels as shipped with Red Hat Enterprise Linux 7, kernel-rt and MRG-2.

Affected packages

| Platform | Package | State | Recommendation | Release |
| --- | --- | --- | --- | --- |
| Red Hat Enterprise Linux 5 | kernel | Not affected | | |
| Red Hat Enterprise Linux 6 | kernel | Not affected | | |
| Red Hat Enterprise MRG 2 | kernel-rt | Affected | | |
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2015:2411 | 19.11.2015 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2015:2152 | 19.11.2015 |

Additional information

Status: Low
Defect: CWE-456
https://bugzilla.redhat.com/show_bug.cgi?id=1272472 kernel: securelevel disabled after kexec

EPSS

Percentile: 23%
0.00073
Low

CVSS2

1.9 Low

Related vulnerabilities

CVSS3: 5.5
ubuntu
almost 8 years ago

The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.

CVSS3: 5.5
nvd
almost 8 years ago

The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.

CVSS3: 5.5
debian
almost 8 years ago

The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, an ...

CVSS3: 5.5
github
about 3 years ago

The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.

oracle-oval
more than 9 years ago

ELSA-2015-2152: kernel security, bug fix, and enhancement update (IMPORTANT)
