Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2015-8539

Published: 08/02/2016 Updated: 31/01/2022
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Canonical

Vulnerability Summary

The KEYS subsystem in the Linux kernel prior to 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

canonical ubuntu linux 12.04

canonical ubuntu linux 14.04

suse linux enterprise real time extension 12

linux linux kernel

linux linux kernel 4.4

Vendor Advisories

Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-trusty vulnerabilities
Several security issues were fixed in the Linux kernel ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise MRG 2Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...

References

CWE-269http://www.openwall.com/lists/oss-security/2015/12/09/1https://github.com/torvalds/linux/commit/096fe9eaea40a17e125569f9e657e34cdb6d73bdhttps://bugzilla.redhat.com/show_bug.cgi?id=1284450http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bdhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00008.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00011.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.htmlhttps://access.redhat.com/errata/RHSA-2018:0181https://access.redhat.com/errata/RHSA-2018:0152https://access.redhat.com/errata/RHSA-2018:0151https://usn.ubuntu.com/3798-2/https://usn.ubuntu.com/3798-1/https://usn.ubuntu.com/3798-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook