5.5

CVE-2015-8845

EPSS 0.06%
Veröffentlicht 27.04.2016 17:59:05
Zuletzt bearbeitet 06.05.2026 22:30:45
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 15

NVD 8 VulnDex Vulnerability Enrichment 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 4.4

Suse ≫ Suse Linux Enterprise Live Patching Version12.0

Suse ≫ Suse Linux Enterprise Module For Public Cloud Version12.0

Suse ≫ Suse Linux Enterprise Real Time Extension Version12 Updatesp1

Suse ≫ Suse Linux Enterprise Software Development Kit Version12.0

Suse ≫ Suse Linux Enterprise Workstation Extension Version12.0

Novell ≫ Suse Linux Enterprise Desktop Version12.0

Novell ≫ Suse Linux Enterprise Server Version12.0

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.192

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html

http://rhn.redhat.com/errata/RHSA-2016-2574.html

http://rhn.redhat.com/errata/RHSA-2016-2584.html

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html

Third Party Advisory

http://www.openwall.com/lists/oss-security/2016/04/13/1

http://www.securitytracker.com/id/1035594

https://bugzilla.redhat.com/show_bug.cgi?id=1326540

Issue Tracking

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142

Vendor Advisory

https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-8845

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-8845

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-8845

EUVD