SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2015-5157

Date: (C)2015-09-15 (M)2024-04-19

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0

CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:

SUSE-SU-2015:1727

SUSE-SU-2015:2108

SUSE-SU-2015:2339

SUSE-SU-2015:2350

SUSE-SU-2016:0354

http://www.openwall.com/lists/oss-security/2015/07/22/7

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

https://github.com/torvalds/linux/commit/9b6e6a8334d56354853f9c255d1395c2ba570e0a

oval:org.secpod.oval:def:702684
oval:org.secpod.oval:def:702671
oval:org.secpod.oval:def:52540
oval:org.secpod.oval:def:52533
...

© SecPod Technologies