AZL-34850

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-34850.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-34850

Upstream

CVE-2015-5157

Published

2015-08-31T10:59:11Z

Modified

2026-04-01T05:11:44.805674Z

Summary

CVE-2015-5157 affecting package kernel for versions less than 6.6.22.1-2

Details

arch/x86/entry/entry64.S in the Linux kernel before 4.1.6 on the x8664 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.

References

https://nvd.nist.gov/vuln/detail/CVE-2015-5157

Affected packages

Azure Linux:3 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.6.22.1-2

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-34850.json"