diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2015-08-20 23:21:39 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2015-08-20 23:21:39 +0000 |
commit | 7e1991d5486f861999b6ae31ff9c0ce92a99eb5d (patch) | |
tree | 2e66628b94eee3c2331eb6019ce646c04319a9a2 /retired/CVE-2015-3290 | |
parent | 47e853282950b9529f0e63803c6e9aaa4403ad6e (diff) |
retire
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3905 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2015-3290')
-rw-r--r-- | retired/CVE-2015-3290 | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2015-3290 b/retired/CVE-2015-3290 new file mode 100644 index 00000000..3f681ab9 --- /dev/null +++ b/retired/CVE-2015-3290 @@ -0,0 +1,16 @@ +Description: Privilege escalation by triggering nested NMI on x86_64 +References: https://marc.info/?l=oss-security&m=143758877425647&w=2 +Notes: + Seems to have been introduced by espfix64 in 3.16, but only in combination + with commit 3f3c8b8c4b2a ("x86: Add workaround to NMI iret woes", 3.3) + and commit e00b12e64be9 ("perf/x86: Further optimize copy_from_user_nmi()", + 3.13). espfix64 was backported to 3.2 but the others weren't. +Bugs: +upstream: released (4.2-rc3) [9d05041679904b12c12421cbcf9cb5f4860a8d7b, 0e181bb58143cb4a2e8f01c281b0816cd0e4798e, 9b6e6a8334d56354853f9c255d1395c2ba570e0a] +3.16-upstream-stable: released (3.16.7-ckt16) +3.2-upstream-stable: N/A ("Vulnerable code not present") +2.6.32-upstream-stable: N/A ("Vulnerable code not present") +sid: released (4.0.8-2) +3.16-jessie-security: released (3.16.7-ckt11-1+deb8u2) +3.2-wheezy-security: N/A ("Vulnerable code not present") +2.6.32-squeeze-security: N/A ("Vulnerable code not present") |