CVE-2015-5157
published 2015-08-31CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace…
high7.2CVSS 3.1
AVLACLAuNCCICAC
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 4.0.8-2 (bookworm) | linux 4.0.8-2 (bookworm) |
| linux | linux_kernel | < 3.12.47 | 3.12.47 |
| linux | linux_kernel | >= 0 < 4.0.8-2 | 4.0.8-2 |
| linux | linux_kernel | >= 0 < 4.0.8-2 | 4.0.8-2 |
| linux | linux_kernel | >= 0 < 4.0.8-2 | 4.0.8-2 |
| linux | linux_kernel | >= 0 < 4.0.8-2 | 4.0.8-2 |
| linux | linux_kernel | >= 0 < 3.13.0-61.100 | 3.13.0-61.100 |
| linux | linux_kernel | >= 0 < 3.13.0-59.98 | 3.13.0-59.98 |
| linux | linux_kernel | >= 3.13 < 3.14.54 | 3.14.54 |
| linux | linux_kernel | >= 3.15 < 3.16.35 | 3.16.35 |
| linux | linux_kernel | >= 3.17 < 3.18.22 | 3.18.22 |
| linux | linux_kernel | >= 3.19 < 4.1.6 | 4.1.6 |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_hpc_node | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_workstation | — | — |
CVSS provenance
nvd7.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.2HIGH