Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-2689-1
HistoryJul 28, 2015 - 12:00 a.m.

Linux kernel (Utopic HWE) vulnerabilities

2015-07-2800:00:00
ubuntu.com
55

6.5 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

53.6%

JSON

Releases

  • Ubuntu 14.04 ESM

Packages

  • linux-lts-utopic - Linux hardware enablement kernel from Utopic

Details

Andy Lutomirski discovered a flaw in the Linux kernel’s handling of nested
NMIs (non-maskable interrupts). An unprivileged local user could exploit
this flaw to cause a denial of service (system crash) or potentially
escalate their privileges. (CVE-2015-3290)

Colin King discovered a flaw in the add_key function of the Linux kernel’s
keyring subsystem. A local user could exploit this flaw to cause a denial
of service (memory exhaustion). (CVE-2015-1333)

Andy Lutomirski discovered a flaw that allows user to cause the Linux
kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged
user could exploit this flaw to potentially cause the system to miss
important NMIs resulting in unspecified effects. (CVE-2015-3291)

Andy Lutomirski and Petr Matousek discovered that an NMI (non-maskable
interrupt) that interrupts userspace and encounters an IRET fault is
incorrectly handled by the Linux kernel. An unprivileged local user could
exploit this flaw to cause a denial of service (kernel OOPs), corruption,
or potentially escalate privileges on the system. (CVE-2015-5157)

OSVersionArchitecturePackageVersionFilename
Ubuntu14.04noarchlinux-image-3.16.0-45-generic< 3.16.0-45.60~14.04.1UNKNOWN
Ubuntu14.04noarchblock-modules-3.16.0-45-generic-di< 3.16.0-45.60~14.04.1UNKNOWN
Ubuntu14.04noarchcrypto-modules-3.16.0-45-generic-di< 3.16.0-45.60~14.04.1UNKNOWN
Ubuntu14.04noarchfat-modules-3.16.0-45-generic-di< 3.16.0-45.60~14.04.1UNKNOWN
Ubuntu14.04noarchfb-modules-3.16.0-45-generic-di< 3.16.0-45.60~14.04.1UNKNOWN
Ubuntu14.04noarchfirewire-core-modules-3.16.0-45-generic-di< 3.16.0-45.60~14.04.1UNKNOWN
Ubuntu14.04noarchfloppy-modules-3.16.0-45-generic-di< 3.16.0-45.60~14.04.1UNKNOWN
Ubuntu14.04noarchfs-core-modules-3.16.0-45-generic-di< 3.16.0-45.60~14.04.1UNKNOWN
Ubuntu14.04noarchfs-secondary-modules-3.16.0-45-generic-di< 3.16.0-45.60~14.04.1UNKNOWN
Ubuntu14.04noarchinput-modules-3.16.0-45-generic-di< 3.16.0-45.60~14.04.1UNKNOWN
Rows per page:
1-10 of 571

Related

nessus 53
openvas 44
ubuntu 5
fedora 5
osv 2
debian 4
securityvulns 2
prion 4
zdt 1
cve 4
debiancve 4
ubuntucve 4
cloudfoundry 1
packetstorm 1
exploitpack 1
f5 3
oraclelinux 11
cbl_mariner 2
veracode 3
exploitdb 1
redhat 7
centos 3
suse 9
mageia 3
lenovo 1
nessus
nessus
Ubuntu 15.04 : linux vulnerabilities (USN-2691-1)
2015-07-29 00:00:00
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2690-1)
2015-07-29 00:00:00
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2688-1)
2015-07-29 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2691-1)
2015-09-18 00:00:00
Ubuntu: Security Advisory (USN-2689-1)
2015-07-30 00:00:00
Ubuntu: Security Advisory (USN-2690-1)
2015-07-30 00:00:00
ubuntu
ubuntu
Linux kernel (Trusty HWE) vulnerabilities
2015-07-28 00:00:00
Linux kernel vulnerabilities
2015-07-28 00:00:00
Linux kernel vulnerabilities
2015-07-28 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: kernel-4.1.3-201.fc22
2015-08-05 22:26:07
[SECURITY] Fedora 22 Update: kernel-4.1.5-200.fc22
2015-08-19 08:04:21
[SECURITY] Fedora 22 Update: kernel-4.1.4-200.fc22
2015-08-12 06:58:24
osv
osv
linux - security update
2015-07-23 00:00:00
linux - security update
2015-08-07 00:00:00
debian
debian
[SECURITY] [DSA 3313-1] linux security update
2015-07-23 06:49:38
[SECURITY] [DSA 3313-1] linux security update
2015-07-23 06:49:38
[SECURITY] [DSA 3329-1] linux security update
2015-08-07 07:18:37
securityvulns
securityvulns
[SECURITY] [DSA 3313-1] linux security update
2015-07-26 00:00:00
Linux kernel multiple security vulnerabilities
2015-09-21 00:00:00
prion
prion
Code injection
2015-08-31 10:59:00
Design/Logic Flaw
2015-08-31 10:59:00
Memory corruption
2015-08-31 10:59:00
zdt
zdt
Linux x86_64 NMI Privilege Escalation Due to Nested NMIs Interrupting espfix64
2015-08-05 00:00:00
cve
cve
CVE-2015-3290
2015-08-31 10:59:00
CVE-2015-5157
2015-08-31 10:59:00
CVE-2015-1333
2015-08-31 10:59:00
debiancve
debiancve
CVE-2015-3290
2015-08-31 10:59:00
CVE-2015-1333
2015-08-31 10:59:00
CVE-2015-3291
2015-08-31 10:59:00
ubuntucve
ubuntucve
CVE-2015-3290
2015-07-23 00:00:00
CVE-2015-5157
2015-07-23 00:00:00
CVE-2015-1333
2015-07-27 00:00:00
cloudfoundry
cloudfoundry
CVE-2015-3290 Linux Kernel NMI Vulnerability | Cloud Foundry
2015-07-29 00:00:00
packetstorm
packetstorm
Linux Nested NMIs Privilege Escalation
2015-08-07 00:00:00
exploitpack
exploitpack
Linux Kernel - espfix64 Nested NMIs Interrupting Privilege Escalation
2015-08-05 00:00:00
f5
f5
K17326 : Linux kernel vulnerability CVE-2015-5157
2015-09-25 00:00:00
SOL17326 - Linux kernel vulnerability CVE-2015-5157
2015-09-25 00:00:00
K05211147 : Kernel vulnerabilities CVE-2014-8559, CVE-2015-0275, CVE-2015-1333, CVE-2015-3212, and CVE-2015-4700
2019-04-08 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2016-02-18 00:00:00
kernel security, bug fix, and enhancement update
2016-05-03 00:00:00
Unbreakable Enterprise kernel security update
2015-09-16 00:00:00
cbl_mariner
cbl_mariner
CVE-2015-5157 affecting package kernel 6.6.14.1-4
2024-04-02 21:08:16
CVE-2015-5157 affecting package kernel 5.15.148.2-2
2024-04-09 20:48:36
veracode
veracode
Privilege Escalation
2019-01-15 09:10:13
Denial Of Service (DoS)
2019-05-02 05:18:16
Denial Of Service (DoS)
2019-05-02 05:24:43
exploitdb
exploitdb
Linux Kernel - &#039;espfix64&#039; Nested NMIs Interrupting Privilege Escalation
2015-08-05 00:00:00
redhat
redhat
(RHSA-2016:0185) Important: kernel security and bug fix update
2016-02-16 10:28:15
(RHSA-2016:0224) Important: kernel-rt security, bug fix, and enhancement update
2016-02-16 00:00:00
(RHSA-2016:0212) Important: kernel-rt security, bug fix, and enhancement update
2016-02-16 10:28:21
centos
centos
kernel, perf, python security update
2016-02-17 03:38:06
kernel, perf, python security update
2016-05-04 03:07:19
kernel, perf, python security update
2015-09-16 12:54:26
suse
suse
Security update for the Linux Kernel (important)
2015-10-29 17:52:39
Security update for kernel-source (important)
2015-10-13 11:09:43
Security update for the Linux Kernel (important)
2015-11-26 13:10:56
mageia
mageia
Updated kernel-linus package provides 4.1 longterm and fixes security issues
2015-10-09 21:47:39
Updated kernel packages provides 4.1 longterm and fixes security issues
2015-10-01 00:35:18
Updated kernel-tmb packages provides 4.1 longterm kernel and fixes security issues
2016-01-14 04:44:39
lenovo
lenovo
AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US
2020-04-13 19:22:04

6.5 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

53.6%

JSON
Related for USN-2689-1
nessus53openvas44ubuntu5fedora5osv2debian4securityvulns2prion4zdt1cve4debiancve4ubuntucve4cloudfoundry1packetstorm1exploitpack1f53oraclelinux11cbl_mariner2veracode3exploitdb1redhat7centos3suse9mageia3lenovo1