Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-15537

Опубликовано: 17 окт. 2017
Источник: redhat
CVSS3: 5.1
EPSS Низкий

Описание

The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigreturn() system call, allowing local users to read the FPU registers of other processes on the system, related to arch/x86/kernel/fpu/regset.c and arch/x86/kernel/fpu/signal.c.

The x86/fpu (Floating Point Unit) subsystem in the Linux kernel, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigreturn() system call. This allows local users to read the FPU registers of other processes on the system, related to arch/x86/kernel/fpu/regset.c and arch/x86/kernel/fpu/signal.c.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise MRG 2realtime-kernelNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1529302kernel: Information leak of x86 FPU registers

EPSS

Процентиль: 14%
0.00047
Низкий

5.1 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-15537

CVSS3: 5.5
ubuntu
больше 7 лет назад

The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigreturn() system call, allowing local users to read the FPU registers of other processes on the system, related to arch/x86/kernel/fpu/regset.c and arch/x86/kernel/fpu/signal.c.

nvd логотип

CVE-2017-15537

CVSS3: 5.5
nvd
больше 7 лет назад

The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigreturn() system call, allowing local users to read the FPU registers of other processes on the system, related to arch/x86/kernel/fpu/regset.c and arch/x86/kernel/fpu/signal.c.

debian логотип

CVE-2017-15537

CVSS3: 5.5
debian
больше 7 лет назад

The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before ...

github логотип

GHSA-hgc2-77r9-87cw

CVSS3: 5.5
github
около 3 лет назад

The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigreturn() system call, allowing local users to read the FPU registers of other processes on the system, related to arch/x86/kernel/fpu/regset.c and arch/x86/kernel/fpu/signal.c.

oracle-oval логотип

ELSA-2018-4071

oracle-oval
около 7 лет назад

ELSA-2018-4071: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 14%
0.00047
Низкий

5.1 Medium

CVSS3