Linux Kernel 'x86/entry/entry_64.S 'Local Security Restriction Bypass Vulnerability

Linux Kernel 'x86/entry/entry_64.S 'Local Security Restriction Bypass Vulnerability
Linux Kernel 'x86/entry/entry_64.S 'Local Security Restriction Bypass Vulnerability

Release date:
Updated on:

Affected Systems:

Linux kernel 3.3.5
Linux kernel 3.3.4
Linux kernel 3.3.2

Description:

Bugtraq id: 76003
CVE (CAN) ID: CVE-2015-3291

Linux Kernel is the Kernel of the Linux operating system.

If NMI occurs after SYSCALL or before SYSRET is called and RSP points to the nmi ist stack, the kernel skips the NMI, bypasses the security restriction, and performs unauthorized operations.

<* Source: Andy Lutomirski
*>

Suggestion:

Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit? Id = 810bc075f78ff2c221536eb3008eac6a424dba2d

How to install Kernel 4.0.2 on CentOS 7

How to install Linux Kernel 4.0 on CentOS 7

How to install Linux kernel 4.0 on Ubuntu/CentOS?

How to install Linux kernel 13.10 On Ubuntu 3.12

How to install the 3.16.7 CKT2 kernel in Ubuntu 14.10, Ubuntu 14.04, and its derivative versions

Linux Kernel: click here
Linux Kernel: click here

This article permanently updates the link address: