CVE-2015-8845

Summary

CVE	CVE-2015-8845
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2016-04-27 17:59:00 UTC
Updated	2018-01-05 02:30:00 UTC
Description	The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.

Risk And Classification

Problem Types: CWE-284

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Linux	Linux Kernel	All	All	All	All
Operating System	Novell	Suse Linux Enterprise Desktop	12.0	All	All	All
Operating System	Novell	Suse Linux Enterprise Desktop	12.0	All	All	All
Operating System	Novell	Suse Linux Enterprise Server	12.0	All	All	All
Operating System	Novell	Suse Linux Enterprise Server	12.0	All	All	All
Application	Suse	Suse Linux Enterprise Live Patching	12.0	All	All	All
Application	Suse	Suse Linux Enterprise Live Patching	12.0	All	All	All
Application	Suse	Suse Linux Enterprise Module For Public Cloud	12.0	All	All	All
Application	Suse	Suse Linux Enterprise Module For Public Cloud	12.0	All	All	All
Application	Suse	Suse Linux Enterprise Real Time Extension	12	sp1	All	All
Application	Suse	Suse Linux Enterprise Real Time Extension	12	sp1	All	All
Application	Suse	Suse Linux Enterprise Software Development Kit	12.0	All	All	All
Application	Suse	Suse Linux Enterprise Software Development Kit	12.0	All	All	All
Application	Suse	Suse Linux Enterprise Workstation Extension	12.0	All	All	All
Application	Suse	Suse Linux Enterprise Workstation Extension	12.0	All	All	All

References

Reference	Source	Link	Tags
[security-announce] SUSE-SU-2016:1937-1: important: Security update for	SUSE	lists.opensuse.org	Third Party Advisory
powerpc/tm: Check for already reclaimed tasks · torvalds/linux@7f821fc · GitHub	CONFIRM	github.com	Patch, Vendor Advisory
www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1	CONFIRM	www.kernel.org
Red Hat Customer Portal	REDHAT	rhn.redhat.com
Linux Kernel powerpc Bugs Lets Local Users Cause Denial of Service Conditions on the Target System - SecurityTracker	SECTRACK	www.securitytracker.com
kernel/git/torvalds/linux.git - Linux kernel source tree	CONFIRM	git.kernel.org	Vendor Advisory
oss-security - CVE Request: Linux kernel: incorrect restoration of machine specific registers from signal handler.	MLIST	www.openwall.com
1326540 – (CVE-2015-8844, CVE-2015-8845) CVE-2015-8845 CVE-2015-8844 kernel: incorrect restoration of machine specific registers from userspace	CONFIRM	bugzilla.redhat.com	Issue Tracking
[security-announce] SUSE-SU-2016:1690-1: important: Security update for	SUSE	lists.opensuse.org	Third Party Advisory
[security-announce] SUSE-SU-2016:2105-1: important: Security update for	SUSE	lists.opensuse.org
[security-announce] openSUSE-SU-2016:2184-1: important: Security update	SUSE	lists.opensuse.org
Red Hat Customer Portal	REDHAT	rhn.redhat.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

671064 EulerOS Security Update for kernel (EulerOS-SA-2019-2599)