exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

CVE-2015-5157

Status Candidate

Overview

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.

Related Files

Red Hat Security Advisory 2016-0715-01
Posted May 4, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0715-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system. A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a denial of service.

tags | advisory, remote, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2015-5157, CVE-2015-8767
SHA-256 | 7f2de269a3c4399071580d47b94638fec39450eee6b1c55b0f6d0c44571f0685
Red Hat Security Advisory 2016-0224-01
Posted Feb 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0224-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2015-5157, CVE-2015-7872
SHA-256 | 00ab730508d67ce6b518ba890134a1d1d8898a4574f922bc1006d89b31f85489
Red Hat Security Advisory 2016-0212-01
Posted Feb 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0212-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2015-5157, CVE-2015-7872
SHA-256 | b771c9eefb04a0bae6b27307e6c6f3a2e4d927b2ee673b81a19677837f66263c
Red Hat Security Advisory 2016-0185-01
Posted Feb 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0185-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2015-5157, CVE-2015-7872
SHA-256 | 1a2e527298ad69b36cf3c97378fa9634fd9b0bc9ef66a9c4a6fdf6769fb4a7cf
Ubuntu Security Notice USN-2700-1
Posted Aug 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2700-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Andy Lutomirski discovered a flaw that allows user to cause the Linux kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged user could exploit this flaw to potentially cause the system to miss important NMIs resulting in unspecified effects. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | 943cf9af07e288f748c0571d7b91e0f511f1efcb344bcbd3cf30c83ca200c663
Ubuntu Security Notice USN-2701-1
Posted Aug 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2701-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Andy Lutomirski discovered a flaw that allows user to cause the Linux kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged user could exploit this flaw to potentially cause the system to miss important NMIs resulting in unspecified effects. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | b8bb77c070e7f389017664b2a2f1b7c79949709d710b497024adf5699d50ff3d
Ubuntu Security Notice USN-2691-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2691-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | 233afb4582ee78a50a8facdf30a35b42c990f6ff998cb27bce0cb8f4bf394da2
Ubuntu Security Notice USN-2688-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2688-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | ce58db6ac1ce225659c4f2333916e039746c0fa760849b8e9016fdecb8a8fd66
Ubuntu Security Notice USN-2687-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2687-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | 49ab85c196aa855b9ebaf838b0b9f7a16754a5118979c620b131d4167753d1d1
Ubuntu Security Notice USN-2689-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2689-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | 8bc536d144528d06e731bc5365cad7af2d099cf3c5d399449213870149ab6b19
Ubuntu Security Notice USN-2690-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2690-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | aa51a0821d1a02548dc2de024d18926f5f95a5bc133a2d69ec6f69a16f43f629
Debian Security Advisory 3313-1
Posted Jul 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3313-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2015-3290, CVE-2015-3291, CVE-2015-4167, CVE-2015-5157, CVE-2015-5364, CVE-2015-5366
SHA-256 | 2e58c4b602469b6006a0a897b4f48fb0ecef8c77468fcfdd3958ced23f009b86
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close