vulnerability
SUSE: CVE-2015-8709: SUSE Linux Security Advisory
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:L/AC:M/Au:N/C:C/I:C/A:C) | Feb 7, 2016 | Mar 22, 2016 | Feb 4, 2022 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
Feb 7, 2016
Added
Mar 22, 2016
Modified
Feb 4, 2022
Description
** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here."
Solution(s)
suse-upgrade-cluster-md-kmp-defaultsuse-upgrade-cluster-network-kmp-defaultsuse-upgrade-dlm-kmp-defaultsuse-upgrade-gfs2-kmp-defaultsuse-upgrade-kernel-defaultsuse-upgrade-kernel-docssuse-upgrade-kernel-ec2suse-upgrade-kernel-ec2-develsuse-upgrade-kernel-ec2-extrasuse-upgrade-kernel-obs-buildsuse-upgrade-ocfs2-kmp-default
References
- SUSE-SUSE-SU-2016:0785-1
- SUSE-SUSE-SU-2016:1019
- SUSE-SUSE-SU-2016:1019-1
- SUSE-SUSE-SU-2016:1031
- SUSE-SUSE-SU-2016:1031-1
- SUSE-SUSE-SU-2016:1032
- SUSE-SUSE-SU-2016:1032-1
- SUSE-SUSE-SU-2016:1033
- SUSE-SUSE-SU-2016:1033-1
- SUSE-SUSE-SU-2016:1034
- SUSE-SUSE-SU-2016:1034-1
- SUSE-SUSE-SU-2016:1035
- SUSE-SUSE-SU-2016:1035-1
- SUSE-SUSE-SU-2016:1037
- SUSE-SUSE-SU-2016:1037-1
- SUSE-SUSE-SU-2016:1038
- SUSE-SUSE-SU-2016:1038-1
- SUSE-SUSE-SU-2016:1039
- SUSE-SUSE-SU-2016:1039-1
- SUSE-SUSE-SU-2016:1040
- SUSE-SUSE-SU-2016:1040-1
- SUSE-SUSE-SU-2016:1041
- SUSE-SUSE-SU-2016:1041-1
- SUSE-SUSE-SU-2016:1045
- SUSE-SUSE-SU-2016:1045-1
- SUSE-SUSE-SU-2016:1046
- SUSE-SUSE-SU-2016:1046-1
- SUSE-SUSE-SU-2016:1764
- SUSE-SUSE-SU-2016:1764-1
- SUSE-SUSE-SU-2017:0575-1
- DEBIAN-DSA-3434
- BID-79899
- SECTRACK-1034899
- NVD-CVE-2015-8709
- UBUNTU-USN-2847-1
- UBUNTU-USN-2848-1
- UBUNTU-USN-2849-1
- UBUNTU-USN-2850-1
- UBUNTU-USN-2851-1
- UBUNTU-USN-2852-1
- UBUNTU-USN-2853-1
- UBUNTU-USN-2854-1

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.