Vulnerability Details : CVE-2015-0239
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction.
Vulnerability category: Denial of service
Products affected by CVE-2015-0239
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-0239
0.12%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 47 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-0239
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.4
|
MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P |
3.4
|
6.4
|
NIST |
CWE ids for CVE-2015-0239
-
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-0239
-
http://www.ubuntu.com/usn/USN-2518-1
USN-2518-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://permalink.gmane.org/gmane.linux.kernel.commits.head/502245
Broken Link
-
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.5
Release Notes;Vendor Advisory
-
http://www.ubuntu.com/usn/USN-2515-1
USN-2515-1: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://github.com/torvalds/linux/commit/f3747379accba8e95d70cec0eae0582c8c182050
KVM: x86: SYSENTER emulation is broken · torvalds/linux@f374737 · GitHubPatch;Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2514-1
USN-2514-1: Linux kernel (OMAP4) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Oracle Linux Bulletin - October 2015Third Party Advisory
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Oracle Linux Bulletin - January 2016Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2513-1
USN-2513-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.debian.org/security/2015/dsa-3170
Debian -- Security Information -- DSA-3170-1 linuxThird Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1186448
1186448 – (CVE-2015-0239) CVE-2015-0239 kernel: kvm: insufficient sysenter emulation when invoked from 16-bit codeIssue Tracking;Third Party Advisory
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f3747379accba8e95d70cec0eae0582c8c182050
-
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
mandriva.comThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2517-1
USN-2517-1: Linux kernel (Utopic HWE) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1272.html
RHSA-2015:1272 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2516-1
USN-2516-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.securityfocus.com/bid/72842
Linux Kernel KVM CVE-2015-0239 Local Privilege Escalation VulnerabilityThird Party Advisory;VDB Entry
-
http://www.openwall.com/lists/oss-security/2015/01/27/6
oss-security - KVM SYSENTER emulation vulnerability - CVE-2015-0239Exploit;Mailing List;Third Party Advisory
Jump to