Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv2

CVE-2015-6526

Published: 31/08/2015 Updated: 08/12/2016
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Linux

Vulnerability Summary

The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel prior to 4.0.2 on ppc64 platforms allows local users to cause a denial of service (infinite loop) via a deep 64-bit userspace backtrace.

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues, address severalhundred bugs, and add numerous enhancements are now available as part ofthe ongoing support and maintenance of Red H ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-ti-omap4 vulnerabilities
Several security issues were fixed in the kernel ...
Red Hat: CVE-2015-6526
A flaw was found in the way the Linux kernel's perf subsystem retrieved userlevel stack traces on PowerPC systems A local, unprivileged user could use this flaw to cause a denial of service on the system by creating a special stack layout that would force the perf_callchain_user_64() function into an infinite loop ...

References

CWE-399http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.2http://www.openwall.com/lists/oss-security/2015/08/18/4https://github.com/torvalds/linux/commit/9a5cbce421a283e6aea3c4007f141735bf9da8c3http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a5cbce421a283e6aea3c4007f141735bf9da8c3https://bugzilla.redhat.com/show_bug.cgi?id=1218454http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlhttp://www.securityfocus.com/bid/76401http://www.ubuntu.com/usn/USN-2760-1http://www.ubuntu.com/usn/USN-2759-1http://www.securitytracker.com/id/1033728https://access.redhat.com/errata/RHSA-2015:2152https://nvd.nist.govhttps://usn.ubuntu.com/2759-1/https://access.redhat.com/security/cve/cve-2015-6526
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook