Lucene search

K
cveRedhatCVE-2015-5157
HistoryAug 31, 2015 - 10:59 a.m.

CVE-2015-5157

2015-08-3110:59:11
CWE-264
redhat
web.nvd.nist.gov
167
cve
linux kernel
privilege escalation
x86_64
nmi
security vulnerability

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

54.3%

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.

Affected configurations

Nvd
Node
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_hpc_nodeMatch6.0
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_server_eusMatch6.7.z
OR
redhatenterprise_linux_workstationMatch6.0
Node
linuxlinux_kernelRange<3.12.47
OR
linuxlinux_kernelRange3.133.14.54
OR
linuxlinux_kernelRange3.153.16.35
OR
linuxlinux_kernelRange3.173.18.22
OR
linuxlinux_kernelRange3.194.1.6
VendorProductVersionCPE
redhatenterprise_linux_server6.0cpe:/o:redhat:enterprise_linux_server:6.0:::
redhatenterprise_linux_workstation6.0cpe:/o:redhat:enterprise_linux_workstation:6.0:::
redhatenterprise_linux_hpc_node6.0cpe:/o:redhat:enterprise_linux_hpc_node:6.0:::
redhatenterprise_linux_server_eus6.7.zcpe:/o:redhat:enterprise_linux_server_eus:6.7.z:::
redhatenterprise_linux_desktop6.0cpe:/o:redhat:enterprise_linux_desktop:6.0:::

References

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

54.3%