CVE-2015-0239Improper Privilege Management in Kernel

CWE-269Improper Privilege ManagementCWE-391Unchecked Error Condition19 documents9 sources
Severity
4.4MEDIUMNVD
OSV2.1
EPSS
0.1%
top 72.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Linux KernelCanonical Ubuntu LinuxDebian Linux+4 more
Timeline
PublishedMar 2
Latest updateMay 13

Description

The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction.

CVSS vector

AV:L/AC:M/C:P/I:P/A:PExploitability: 3.4 | Impact: 6.4

Affected Packages7 packages

NVDlinux/linux_kernel< 3.18.5
Debianlinux/linux_kernel< 3.16.7-ckt4-2+3
Ubuntulinux/linux_kernel< 3.13.0-46.75
NVDoracle/linux5, 7+1

Also affects: Debian Linux 7.0, 8.0, Ubuntu Linux 12.04, 14.04, 14.10

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

8
GHSA
GHSA-h9w7-gg89-fg55: The em_sysenter function in arch/x86/kvm/emulate2022-05-13
OSV
linux vulnerabilities2015-03-04
CVEList
CVE-2015-0239: The em_sysenter function in arch/x86/kvm/emulate2015-03-02
OSV
CVE-2015-0239: The em_sysenter function in arch/x86/kvm/emulate2015-03-02
OSV
linux vulnerability2015-02-28

📋Vendor Advisories

8
Ubuntu
Linux kernel (Trusty HWE) vulnerabilities2015-02-26
Ubuntu
Linux kernel (OMAP4) vulnerabilities2015-02-26
Ubuntu
Linux kernel vulnerabilities2015-02-26
Ubuntu
Linux kernel vulnerabilities2015-02-26
Ubuntu
Linux kernel (Utopic HWE) vulnerabilities2015-02-26

💬Community

2
Bugzilla
CVE-2015-0239 kernel: kvm: insufficient sysenter emulation when invoked from 16-bit code [fedora-all]2015-01-27
Bugzilla
CVE-2015-0239 kernel: kvm: insufficient sysenter emulation when invoked from 16-bit code2015-01-27
CVE-2015-0239 — Improper Privilege Management in Kernel | cvebase