Bug 1284450 (CVE-2015-8539)
Summary: | CVE-2015-8539 kernel: local privesc in key management |
---|---|
Product: | [Other] Security Response |
Component: | vulnerability |
Status: | CLOSED ERRATA |
Severity: | high |
Priority: | high |
Version: | unspecified |
Hardware: | All |
OS: | Linux |
Reporter: | Wade Mealing <wmealing> |
Assignee: | Red Hat Product Security <security-response-team> |
CC: | aquini, bhu, carnil, dhoward, dhowells, fhrbata, iboverma, jforbes, jkacur, jross, jwboyer, labbott, lgoncalv, matt, mcressma, nmurray, osoukup, pholasek, plougher, rvrbovsk, security-response-team, vgoyal, vvs, williams |
Keywords: | Security |
Doc Type: | Bug Fix |
Doc Text: | A flaw was found in the Linux kernel's key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may then be positively instantiated by updating it with valid data. However, the ->update key type method must be aware that the error code may be there. |
Last Closed: | 2019-06-08 02:45:48 UTC |
Bug Depends On: | 1284059, 1411618, 1411619, 1411620, 1411621, 1411622, 1411623, 1411624, 1466457 |
Bug Blocks: | 1284354 |

Description
Wade Mealing
2015-11-23 11:33:15 UTC
Acknowledgment:

Red Hat would like to thank Dmitry Vyukov of Google engineering for reporting this issue to Red Hat.

CVE-2015-8539 was assigned: http://seclists.org/oss-sec/2015/q4/465

Statement:

This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 4 and 5. This issue does affect the kernels shipped with Red Hat Enterprise Linux 6, 7, MRG-2 and realtime kernels and is planned to be addressed in a future update.

External References:

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd

This issue has been addressed in the following products:

Red Hat Enterprise Linux 7
Via RHSA-2018:0151 https://access.redhat.com/errata/RHSA-2018:0151

This issue has been addressed in the following products:

Red Hat Enterprise Linux 7
Via RHSA-2018:0152 https://access.redhat.com/errata/RHSA-2018:0152

This issue has been addressed in the following products:

Red Hat Enterprise MRG 2
Via RHSA-2018:0181 https://access.redhat.com/errata/RHSA-2018:0181