NVD

Id
22733  
Name
CVE-2015-0239  
Description
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction.  
Reject
 
CVSS Version
2  
CVSS Score
4.7  
Severity
Medium  
CVSS Base Score
4.7  
CVSS Impact Subscore
7.8  
CVSS Exploit Subscore
1.9  
CVSS Vector
(AV:L/AC:H/Au:N/C:N/I:P/A:C)  
Pub Date
2017-01-19  
Published
2015-03-02  
Modified Date
2016-12-23  
Seq
2015-0239  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
120344 22733 CVE-2015-0239 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f3747379accba8e95d70cec0eae0582c8c182050  View
120345 22733 CVE-2015-0239 [bk-commits-head] 20150123 KVM: x86: SYSENTER emulation is broken  View
120346 22733 CVE-2015-0239 RHSA-2015:1272  View
120347 22733 CVE-2015-0239 DSA-3170  View
120348 22733 CVE-2015-0239 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.5  View
120349 22733 CVE-2015-0239 MDVSA-2015:058  View
120350 22733 CVE-2015-0239 [oss-security] 20150127 KVM SYSENTER emulation vulnerability - CVE-2015-0239  View
120351 22733 CVE-2015-0239 http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html  View
120352 22733 CVE-2015-0239 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html  View
120353 22733 CVE-2015-0239 72842  View
120354 22733 CVE-2015-0239 USN-2513-1  View
120355 22733 CVE-2015-0239 USN-2514-1  View
120356 22733 CVE-2015-0239 USN-2515-1  View
120357 22733 CVE-2015-0239 USN-2516-1  View
120358 22733 CVE-2015-0239 USN-2517-1  View
120359 22733 CVE-2015-0239 USN-2518-1  View
120360 22733 CVE-2015-0239 https://bugzilla.redhat.com/show_bug.cgi?id=1186448  View
120361 22733 CVE-2015-0239 https://github.com/torvalds/linux/commit/f3747379accba8e95d70cec0eae0582c8c182050  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
6328 JVNDB-2015-001648 Linux Kernel の arch/x86/kvm/emulate.c 内の em_sysenter 関数におけるゲスト OS の権限を取得される脆弱性 Linux Kernel の arch/x86/kvm/emulate.c 内の em_sysenter 関数には、ゲスト OS に SYSENTER MSR の初期化が欠落している場合、ゲスト OS の権限を取得される、またはサービス運用妨害(ゲスト OS クラッシュ) 状態にされる脆弱性が存在します。 CVE-2015-0239 77450 CVE-2015-0239 22733 4.7 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-001648.html 2015-01-29 2015-03-04 View