Lucene search

K
ubuntucveUbuntu.comUB:CVE-2015-5157
HistoryJul 23, 2015 - 12:00 a.m.

CVE-2015-5157

2015-07-2300:00:00
ubuntu.com
ubuntu.com
18

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.002

Percentile

54.3%

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64
platform mishandles IRET faults in processing NMIs that occurred during
userspace execution, which might allow local users to gain privileges by
triggering an NMI.

Bugs

Notes

Author Note
jdstrand android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support
tyhicks Per oss-security, likely affects 3.3 and newer
OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchlinux< 3.13.0-59.98UNKNOWN
ubuntu15.04noarchlinux< 3.19.0-25.26UNKNOWN
ubuntu12.04noarchlinux-lts-trusty< 3.13.0-59.98~precise1UNKNOWN
ubuntu14.04noarchlinux-lts-utopic< 3.16.0-45.60~14.04.1UNKNOWN
ubuntu14.04noarchlinux-lts-vivid< 3.19.0-25.26~14.04.1UNKNOWN

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.002

Percentile

54.3%