CVE-2015-5157

CVSS v2.0 7.2 (High)

EPSS 0.17 % (55^th)

Affected Products 6

Advisories 18

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.

Weaknesses

CWE-264: Permissions, Privileges, and Access Controls

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2015-08-31 10:59:11
(9 years ago)
Updated Date: 2024-03-14 19:58:51
(6 months ago)

Affected Products

Linux

Linux Kernel

Redhat

Configuration #1

		CPE23	From	Up To
	Redhat Enterprise Linux Desktop 6.0	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
	Redhat Enterprise Linux Hpc Node 6.0	cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0
	Redhat Enterprise Linux Server 6.0	cpe:2.3:o:redhat:enterprise_linux_server:6.0
	Redhat Enterprise Linux Server Eus 6.7.z	cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z
	Redhat Enterprise Linux Workstation 6.0	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0

Configuration #2

	CPE23	From	Up To
Linux Kernel prior 3.12.47 version	cpe:2.3:o:linux:linux_kernel		< 3.12.47
Linux Kernel from 3.13 version and prior 3.14.54 version	cpe:2.3:o:linux:linux_kernel	>= 3.13	< 3.14.54
Linux Kernel from 3.15 version and prior 3.16.35 version	cpe:2.3:o:linux:linux_kernel	>= 3.15	< 3.16.35
Linux Kernel from 3.17 version and prior 3.18.22 version	cpe:2.3:o:linux:linux_kernel	>= 3.17	< 3.18.22
Linux Kernel from 3.19 version and prior 4.1.6 version	cpe:2.3:o:linux:linux_kernel	>= 3.19	< 4.1.6