|
|
Subscribe / Log in / New account

kernel: privilege escalation

Package(s):kernel CVE #(s):CVE-2015-8539
Created:January 19, 2016 Updated:January 20, 2016
Description: From the SUSE bugzilla entry:

If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively instantiated by updating it with valid data. However, the ->update key type method must be aware that the error code may be there.

The paging address is predictable and mappable as userspace memory and can be used by abused by an attacker to escalate privileges.

Alerts:
openSUSE openSUSE-SU-2016:2649-1 kernel 2016-10-26
SUSE SUSE-SU-2016:2074-1 kernel 2016-08-15
SUSE SUSE-SU-2016:1937-1 kernel 2016-08-02
openSUSE openSUSE-SU-2016:0280-1 kernel 2016-01-29
SUSE SUSE-SU-2016:0168-1 kernel 2016-01-19
SUSE SUSE-SU-2016:1203-1 kernel 2016-05-03
SUSE SUSE-SU-2016:1102-1 kernel 2016-04-19
SUSE SUSE-SU-2016:0911-1 kernel 2016-03-30
SUSE SUSE-SU-2016:0585-1 kernel 2016-02-25
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds