CVE-2019-15030

Published: Sep 13, 2019Modified: Nov 21, 2024

4.4

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

Exploitability: 1.8 / Impact: 2.5

Source: NVD

Description

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.

Affected (8)

Products: Linux: Linux Kernel · Canonical: Ubuntu Linux · Opensuse: Leap · +1 more

Show all products

Linux: Linux Kernel · Canonical: Ubuntu Linux · Opensuse: Leap · Redhat: Enterprise Linux

1 product

1 product

1 product

1 product

Enterprise Linux

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Up to 5.2.14

Configuration B

7 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 19.04
Opensuse Leap	Version 15.0
Opensuse Leap	Version 15.1
Redhat Enterprise Linux	Version 7.0
Redhat Enterprise Linux	Version 8.0

Related CWEs

Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (16)

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html

Source: cve@mitre.org

Third Party Advisory

http://www.openwall.com/lists/oss-security/2019/09/10/3

Source: cve@mitre.org

Mailing ListPatchThird Party Advisory

https://access.redhat.com/errata/RHSA-2020:0740

Source: cve@mitre.org

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8205d5d98ef7f155de211f5e2eb6ca03d95a5a60

Source: cve@mitre.org

ExploitMailing ListPatchVendor Advisory

https://security.netapp.com/advisory/ntap-20191004-0001/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4135-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4135-2/

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.openwall.com/lists/oss-security/2019/09/10/3

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchThird Party Advisory

https://access.redhat.com/errata/RHSA-2020:0740

Source: af854a3a-2127-422b-91ae-364da2661108

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8205d5d98ef7f155de211f5e2eb6ca03d95a5a60

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListPatchVendor Advisory

https://security.netapp.com/advisory/ntap-20191004-0001/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://usn.ubuntu.com/4135-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://usn.ubuntu.com/4135-2/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.