CVE-2015-8955
Published: October 10, 2016Last modified: October 6, 2023
Description
arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs.
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.3 |
Attack Vector | LOCAL |
Attack complexity | LOW |
Privileges required | LOW |
User interaction | REQUIRED |
Scope | UNCHANGED |
Confidentiality | HIGH |
Integrity impact | HIGH |
Availability impact | HIGH |
Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Status
Product | Release | Package | Status |
---|---|---|---|
Alpaquita Linux | 23 LTS | linux-lts | Not affected (6.1.50-r0) |
Stream | linux-lts | Not affected (6.1.50-r0) |