CVE-2015-6526 : The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linu

The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0.2 on ppc64 platforms allows local users to cause a denial of service (infinite loop) via a deep 64-bit userspace backtrace.

Published 2015-08-31 20:59:07

Updated 2025-04-12 10:46:41

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2015-6526

Linux » Linux Kernel
Versions up to, including, (<=) 4.0.1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2015-6526

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 13 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-6526

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.9	MEDIUM	AV:L/AC:L/Au:N/C:N/I:N/A:C	3.9	6.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

CWE ids for CVE-2015-6526

CWE-399

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-6526

https://bugzilla.redhat.com/show_bug.cgi?id=1218454

1218454 – (CVE-2015-6526) CVE-2015-6526 kernel: perf on ppc64 can loop forever getting userlevel stacktraces
http://www.openwall.com/lists/oss-security/2015/08/18/4

oss-security - CVE request - Linux kernel - perf on ppp64 - unbounded checks in perf_callchain_user_64 denial of service.
http://www.securitytracker.com/id/1033728

Linux Kernel Infinite Loop in perf_callchain_user_64() Lets Local Users Cause Denial of Service Conditions on the Target System - SecurityTracker
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

Oracle Linux Bulletin - October 2015

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2760-1

USN-2760-1: Linux kernel (OMAP4) vulnerabilities | Ubuntu security notices

CVEs referencing this url
https://github.com/torvalds/linux/commit/9a5cbce421a283e6aea3c4007f141735bf9da8c3

powerpc/perf: Cap 64bit userspace backtraces to PERF_MAX_STACK_DEPTH · torvalds/linux@9a5cbce · GitHub
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.2

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2759-1

USN-2759-1: Linux kernel vulnerabilities | Ubuntu security notices

CVEs referencing this url
http://www.securityfocus.com/bid/76401

Linux Kernel 'perf_callchain_user_64()' Function Denial of Service Vulnerability
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a5cbce421a283e6aea3c4007f141735bf9da8c3

kernel/git/torvalds/linux.git - Linux kernel source tree

Jump to

Vulnerability Details : CVE-2015-6526

Products affected by CVE-2015-6526

Exploit prediction scoring system (EPSS) score for CVE-2015-6526

CVSS scores for CVE-2015-6526

CWE ids for CVE-2015-6526

References for CVE-2015-6526