CVE-2015-5157

Published: Aug 31, 2015Modified: May 6, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.

Affected (10)

Products: Redhat: Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server, Enterprise Linux Server Eus, Enterprise Linux Workstation · Linux: Linux Kernel

Redhat

5 products

Enterprise Linux Desktop

Enterprise Linux Hpc Node

Enterprise Linux Server

Enterprise Linux Server Eus

Enterprise Linux Workstation

Linux

1 product

Linux Kernel

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Hpc Node	Version 6.0
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Server Eus	Version 6.7.z
Redhat Enterprise Linux Workstation	Version 6.0

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 3.12.47
Linux Linux Kernel	From 3.13 to 3.14.54
Linux Linux Kernel	From 3.15 to 3.16.35
Linux Linux Kernel	From 3.17 to 3.18.22
Linux Linux Kernel	From 3.19 to 4.1.6

Related CWEs

CWE-264

References (44)

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://rhn.redhat.com/errata/RHSA-2016-0185.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://rhn.redhat.com/errata/RHSA-2016-0212.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://rhn.redhat.com/errata/RHSA-2016-0224.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://rhn.redhat.com/errata/RHSA-2016-0715.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.debian.org/security/2015/dsa-3313

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6

Source: secalert@redhat.com

Vendor Advisory

http://www.openwall.com/lists/oss-security/2015/07/22/7

Source: secalert@redhat.com

Mailing List

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Source: secalert@redhat.com

Third Party Advisory

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Source: secalert@redhat.com

Third Party Advisory

http://www.securityfocus.com/bid/76005

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-2687-1

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-2688-1

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-2689-1

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-2690-1

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-2691-1

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://github.com/torvalds/linux/commit/9b6e6a8334d56354853f9c255d1395c2ba570e0a

Source: secalert@redhat.com

Third Party Advisory

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a