CVE-2015-3291

🗓️ 31 Aug 2015 10:00:00Reported by redhatType

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of service (skipped NMI) by modifying the rsp register, issuing a syscall instruction, and triggering an NMI

Reporter	Title	Published	Views	Family All 71
CNVD	Linux kernel 'x86/entry/entry_64.S' local security bypass vulnerability	30 Jul 201500:00	–	cnvd
Cvelist	CVE-2015-3291	31 Aug 201510:00	–	cvelist
Debian	[SECURITY] [DSA 3313-1] linux security update	23 Jul 201506:49	–	debian
Debian	[SECURITY] [DSA 3313-1] linux security update	23 Jul 201506:49	–	debian
Debian CVE	CVE-2015-3291	31 Aug 201510:00	–	debiancve
Tenable Nessus	Debian DSA-3313-1 : linux - security update	24 Jul 201500:00	–	nessus
Tenable Nessus	EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1487)	13 May 201900:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1529)	14 May 201900:00	–	nessus
Tenable Nessus	Fedora 22 : kernel-4.1.3-201.fc22 (2015-12437)	6 Aug 201500:00	–	nessus
Tenable Nessus	RHEL 7 : kernel (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus

NVD

Node

linux linux_kernelRange≤4.1.5

Source	Link
kernel	www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6
git	www.git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/
ubuntu	www.ubuntu.com/usn/USN-2690-1
ubuntu	www.ubuntu.com/usn/USN-2689-1
ubuntu	www.ubuntu.com/usn/USN-2688-1
debian	www.debian.org/security/2015/dsa-3313
openwall	www.openwall.com/lists/oss-security/2015/07/22/7
ubuntu	www.ubuntu.com/usn/USN-2691-1
github	www.github.com/torvalds/linux/commit/810bc075f78ff2c221536eb3008eac6a492dba2d
ubuntu	www.ubuntu.com/usn/USN-2687-1

06 May 2026 22:30Current

5.3Medium risk

Vulners AI Score5.3

CVSS 22.1

EPSS0.0006

CWE-17