1. Home
  2. Vulnerabilities
  3. CVE-2015-8539

CVE-2015-8539

CVSS v3.1 7.8 (High)
78% Progress
CVSS v2.0 7.2 (High)
72% Progress
EPSS 0.04 % (11th)
0.04% Progress
Affected Products 3
Advisories 23
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.

Weaknesses
CWE-269
Improper Privilege Management
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2016-02-08 03:59:03
(8 years ago)
Updated Date
2022-01-31 17:51:54
(2 years ago)

Affected Products

Canonical

Linux

Suse

Configuration #1

    CPE23 From Up To
  Canonical Ubuntu Linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm
  Suse Linux Enterprise Real Time Extension 12 SP1 cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp1

Configuration #2

    CPE23 From Up To
  Linux Kernel prior 4.4 version cpe:2.3:o:linux:linux_kernel < 4.4
  Linux Kernel 4.4 Rc1 cpe:2.3:o:linux:linux_kernel:4.4:rc1
  Linux Kernel 4.4 Rc2 cpe:2.3:o:linux:linux_kernel:4.4:rc2