Linux kernel built with the 32-bit emulation support (CONFIG_IA32_EMULATION) is vulnerable to a potential privilege escalation flaw. This could occur while calling fork(2) & close(2) system calls with an 'int80' entry, which results in an inappropriate task state in the child process. An unprivileged user could potentially use this flaw to overcome certain kernel enforced and intended limitations such as seccomp policy and thus increase their privileges on the system.

Upstream fix:
-------------
  -> https://git.kernel.org/linus/956421fbb74c3a6261903f3836c0740187cf038b

Reference:
----------
  -> http://seclists.org/oss-sec/2015/q2/8
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1208599]
(In reply to Vasyl Kaigorodov from comment #1)
> Created kernel tracking bugs for this issue:
>
> Affects: fedora-all [bug 1208599]

The above commit was backported to 3.19.2 with commit 1f4d987805f78ddbc03cd901eed43aeb60ee344a. All Fedora branches are on 3.19.3 or newer.
Statement: This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates for the respective releases may address this issue. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2015:1139 https://rhn.redhat.com/errata/RHSA-2015-1139.html
This issue has been addressed in the following products: MRG for RHEL-6 v.2 Via RHSA-2015:1138 https://rhn.redhat.com/errata/RHSA-2015-1138.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2015:1137 https://rhn.redhat.com/errata/RHSA-2015-1137.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2015:1221 https://rhn.redhat.com/errata/RHSA-2015-1221.html
https://access.redhat.com/security/cve/CVE-2015-2830 still lists RHEL 5 as affected. Considering RHEL 5 is now EOL, should this issue be closed?
Red Hat Enterprise Linux 5 is not end of life yet, it is currently in Extended Life Phase. For more information please see https://access.redhat.com/support/policy/updates/errata. From what I'm reading about internal notes though this could be closed, going to needinfo the reporter specifically to get an answer.
(In reply to Wade Mealing from comment #16)
> From what i'm reading about internal notes though this could be closed,
> going to needinfo the reporter specifically to get an answer.

Yes, considering it is rated low impact and rhel-5 fix was deferred owing to it being close to its EOL and all other trackers are closed, we can close it.