Lucene search

MitreCVE-2015-8845

HistoryApr 27, 2016 - 5:59 p.m.

CVE-2015-8845

2016-04-2717:59:05

CWE-284

mitre

web.nvd.nist.gov

cve-2015-8845

linux kernel

powerpc

denial of service

nvd

tm bad thing exception

panic

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

16.0%

JSON

The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.

Affected configurations

Nvd

Node

linuxlinux_kernelRange≤4.4

Node

susesuse_linux_enterprise_live_patchingMatch12.0

susesuse_linux_enterprise_module_for_public_cloudMatch12.0

susesuse_linux_enterprise_real_time_extensionMatch12sp1

susesuse_linux_enterprise_software_development_kitMatch12.0

susesuse_linux_enterprise_workstation_extensionMatch12.0

novellsuse_linux_enterprise_desktopMatch12.0

novellsuse_linux_enterprise_serverMatch12.0

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
susesuse_linux_enterprise_live_patching12.0cpe:2.3:a:suse:suse_linux_enterprise_live_patching:12.0:*:*:*:*:*:*:*
susesuse_linux_enterprise_module_for_public_cloud12.0cpe:2.3:a:suse:suse_linux_enterprise_module_for_public_cloud:12.0:*:*:*:*:*:*:*
susesuse_linux_enterprise_real_time_extension12cpe:2.3:a:suse:suse_linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*
susesuse_linux_enterprise_software_development_kit12.0cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*
susesuse_linux_enterprise_workstation_extension12.0cpe:2.3:a:suse:suse_linux_enterprise_workstation_extension:12.0:*:*:*:*:*:*:*
novellsuse_linux_enterprise_desktop12.0cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*
novellsuse_linux_enterprise_server12.0cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
suse	suse_linux_enterprise_live_patching	12.0	cpe:2.3:a:suse:suse_linux_enterprise_live_patching:12.0:::::::*
suse	suse_linux_enterprise_module_for_public_cloud	12.0	cpe:2.3:a:suse:suse_linux_enterprise_module_for_public_cloud:12.0:::::::*
suse	suse_linux_enterprise_real_time_extension	12	cpe:2.3:a:suse:suse_linux_enterprise_real_time_extension:12:sp1::::::
suse	suse_linux_enterprise_software_development_kit	12.0	cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:12.0:::::::*
suse	suse_linux_enterprise_workstation_extension	12.0	cpe:2.3:a:suse:suse_linux_enterprise_workstation_extension:12.0:::::::*
novell	suse_linux_enterprise_desktop	12.0	cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:::::::*
novell	suse_linux_enterprise_server	12.0	cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:::::::*