A flaw was found in the Linux kernel in versions before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs. Upstream patch: https://github.com/torvalds/linux/commit/8fff105e13041e49b82f92eef034f363a6b1c071 Related: https://source.android.com/security/bulletin/2016-10-01.html https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8955 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8955
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1383393]
Statement: This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. 6, 7 and Red Hat Enterprise MRG-2 as the code with the flaw is not present in the products listed.