UBUNTU-CVE-2015-8955

Details

arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs.

Affected Packages

Ubuntu:14.04:LTSlinux

Affected versions:

3.11.0-12.193.12.0-1.33.12.0-2.53.12.0-2.73.12.0-3.83.12.0-3.93.12.0-4.103.12.0-4.123.12.0-5.133.12.0-7.15+106 more

Fixed in:

3.13.0-125.174

Ubuntu:16.04:LTSlinux

Fixed in:

4.2.0-16.19

Ubuntu:14.04:LTSlinux-aws

Fixed in:

4.4.0-1002.2

Ubuntu:16.04:LTSlinux-aws

Fixed in:

4.4.0-1001.10

Ubuntu:14.04:LTSlinux-azure

Fixed in:

4.15.0-1023.24~14.04.1

Ubuntu:16.04:LTSlinux-azure

Fixed in:

4.11.0-1009.9

Ubuntu:16.04:LTSlinux-euclid

Fixed in:

4.4.0-9019.20

Ubuntu:16.04:LTSlinux-gcp

Fixed in:

4.10.0-1004.4

Ubuntu:16.04:LTSlinux-gke

Fixed in:

4.4.0-1003.3

Ubuntu:16.04:LTSlinux-hwe

Fixed in:

4.8.0-36.36~16.04.1

Ubuntu:16.04:LTSlinux-kvm

Fixed in:

4.4.0-1004.9

Ubuntu:14.04:LTSlinux-lts-xenial

Fixed in:

4.4.0-13.29~14.04.1

Ubuntu:16.04:LTSlinux-oem

Fixed in:

4.13.0-1008.9

Ubuntu:16.04:LTSlinux-raspi2

Fixed in:

4.2.0-1013.19

Ubuntu:16.04:LTSlinux-snapdragon

Fixed in:

4.4.0-1012.12

References

REPORThttp://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8fff105e13041e49b82f92eef034f363a6b1c071 REPORThttp://source.android.com/security/bulletin/2016-10-01.html REPORThttps://ubuntu.com/security/CVE-2015-8955 REPORThttps://ubuntu.com/security/notices/USN-3360-1 REPORThttps://ubuntu.com/security/notices/USN-3360-2 REPORThttps://www.cve.org/CVERecord?id=CVE-2015-8955

UBUNTU-CVE-2015-8955

Details

Affected Packages

References

CVSS Analysis

Related

Ecosystems

Timeline