exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2015-3290

Status Candidate

Overview

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform improperly relies on espfix64 during nested NMI processing, which allows local users to gain privileges by triggering an NMI within a certain instruction window.

Related Files

Linux Nested NMIs Privilege Escalation
Posted Aug 7, 2015
Authored by Andrew Lutomirski

Privilege escalation can occur in Linux due to nested NMIs interrupting espfix64.

tags | exploit
systems | linux
advisories | CVE-2015-3290
SHA-256 | f62af298234e655a737d78137c9a21203b3fc70e674b757e92ae2c2517d1fb97
Ubuntu Security Notice USN-2700-1
Posted Aug 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2700-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Andy Lutomirski discovered a flaw that allows user to cause the Linux kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged user could exploit this flaw to potentially cause the system to miss important NMIs resulting in unspecified effects. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | 943cf9af07e288f748c0571d7b91e0f511f1efcb344bcbd3cf30c83ca200c663
Ubuntu Security Notice USN-2701-1
Posted Aug 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2701-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Andy Lutomirski discovered a flaw that allows user to cause the Linux kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged user could exploit this flaw to potentially cause the system to miss important NMIs resulting in unspecified effects. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | b8bb77c070e7f389017664b2a2f1b7c79949709d710b497024adf5699d50ff3d
Ubuntu Security Notice USN-2691-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2691-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | 233afb4582ee78a50a8facdf30a35b42c990f6ff998cb27bce0cb8f4bf394da2
Ubuntu Security Notice USN-2688-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2688-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | ce58db6ac1ce225659c4f2333916e039746c0fa760849b8e9016fdecb8a8fd66
Ubuntu Security Notice USN-2687-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2687-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | 49ab85c196aa855b9ebaf838b0b9f7a16754a5118979c620b131d4167753d1d1
Ubuntu Security Notice USN-2689-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2689-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | 8bc536d144528d06e731bc5365cad7af2d099cf3c5d399449213870149ab6b19
Ubuntu Security Notice USN-2690-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2690-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | aa51a0821d1a02548dc2de024d18926f5f95a5bc133a2d69ec6f69a16f43f629
Debian Security Advisory 3313-1
Posted Jul 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3313-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2015-3290, CVE-2015-3291, CVE-2015-4167, CVE-2015-5157, CVE-2015-5364, CVE-2015-5366
SHA-256 | 2e58c4b602469b6006a0a897b4f48fb0ecef8c77468fcfdd3958ced23f009b86
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close