Mailinglist Archive: opensuse-bugs (4283 mails)

< Previous Next >
[Bug 1037306] New: VUL-0: CVE-2015-9004: kernel-source: kernel/events/core.c in < 3.19 mishandles counter grouping (perf_pmu_register and perf_event_open)
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Tue, 02 May 2017 23:41:16 +0000
  • Message-id: <bug-1037306-21960@http.bugzilla.opensuse.org/>
http://bugzilla.opensuse.org/show_bug.cgi?id=1037306


Bug ID: 1037306
Summary: VUL-0: CVE-2015-9004: kernel-source:
kernel/events/core.c in < 3.19 mishandles counter
grouping (perf_pmu_register and perf_event_open)
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 42.2
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Security
Assignee: security-team@xxxxxxx
Reporter: mikhail.kasimov@xxxxxxxxx
QA Contact: qa-bugs@xxxxxxx
Found By: ---
Blocker: ---

Ref: https://nvd.nist.gov/vuln/detail/CVE-2015-9004
===================================================
Description

kernel/events/core.c in the Linux kernel before 3.19 mishandles counter
grouping, which allows local users to gain privileges via a crafted
application, related to the perf_pmu_register and perf_event_open functions.

Source: MITRE Last Modified: 05/02/2017
===================================================

Hyperlink

[1]
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511

[2]
https://github.com/torvalds/linux/commit/c3c87e770458aa004bd7ed3f29945ff436fd6511

[3] https://source.android.com/security/bulletin/2017-05-01

Please, check, if it is applicable for SUSE-supported kernel-branches.

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >
Follow Ups