Lucene search

[email protected]CVE-2015-6526

HistoryAug 31, 2015 - 8:59 p.m.

CVE-2015-6526

2015-08-3120:59:07

CWE-399

[email protected]

web.nvd.nist.gov

cve-2015-6526

linux kernel

denial of service

infinite loop

ppc64

nvd

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0.2 on ppc64 platforms allows local users to cause a denial of service (infinite loop) via a deep 64-bit userspace backtrace.

Affected configurations

NVD

Node

linuxlinux_kernelRange≤4.0.1

CPENameOperatorVersion
linux:linux_kernellinux linux kernelle4.0.1

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	le	4.0.1

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a5cbce421a283e6aea3c4007f141735bf9da8c3

www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.2

www.openwall.com/lists/oss-security/2015/08/18/4

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.securityfocus.com/bid/76401

www.securitytracker.com/id/1033728

www.ubuntu.com/usn/USN-2759-1

www.ubuntu.com/usn/USN-2760-1

bugzilla.redhat.com/show_bug.cgi?id=1218454

github.com/torvalds/linux/commit/9a5cbce421a283e6aea3c4007f141735bf9da8c3

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2015-6526

nvd1 cvelist1 debiancve1 ubuntucve1 prion1 f52 openvas8 nessus9 ubuntu2 oraclelinux1 ibm1 centos1 redhat1 securityvulns1 suse1