ID |
CVE-2015-7837
|
Summary |
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:o:redhat:kernel-rt:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:kernel-rt:7.0:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*
|
CVSS |
Base: | 2.1 (as of 05-10-2017 - 14:43) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-254 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
PARTIAL |
NONE |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:N/I:P/A:N
|
redhat
via4
|
advisories | bugzilla | id | 1272472 | title | CVE-2015-7837 kernel: securelevel disabled after kexec |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 7 is installed | oval | oval:com.redhat.rhba:tst:20150364027 |
OR | comment | kernel-rt earlier than 0:3.10.0-327.rt56.204.el7 is currently running | oval | oval:com.redhat.rhsa:tst:20152152031 |
comment | kernel-rt earlier than 0:3.10.0-327.rt56.204.el7 is set to boot up on next boot | oval | oval:com.redhat.rhsa:tst:20152411016 |
|
OR | AND | comment | kernel-rt is earlier than 0:3.10.0-327.rt56.204.el7 | oval | oval:com.redhat.rhsa:tst:20152411001 |
comment | kernel-rt is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150727002 |
|
AND | comment | kernel-rt-debug is earlier than 0:3.10.0-327.rt56.204.el7 | oval | oval:com.redhat.rhsa:tst:20152411003 |
comment | kernel-rt-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150727004 |
|
AND | comment | kernel-rt-debug-devel is earlier than 0:3.10.0-327.rt56.204.el7 | oval | oval:com.redhat.rhsa:tst:20152411005 |
comment | kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150727006 |
|
AND | comment | kernel-rt-devel is earlier than 0:3.10.0-327.rt56.204.el7 | oval | oval:com.redhat.rhsa:tst:20152411007 |
comment | kernel-rt-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150727008 |
|
AND | comment | kernel-rt-doc is earlier than 0:3.10.0-327.rt56.204.el7 | oval | oval:com.redhat.rhsa:tst:20152411009 |
comment | kernel-rt-doc is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150727010 |
|
AND | comment | kernel-rt-trace is earlier than 0:3.10.0-327.rt56.204.el7 | oval | oval:com.redhat.rhsa:tst:20152411011 |
comment | kernel-rt-trace is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150727012 |
|
AND | comment | kernel-rt-trace-devel is earlier than 0:3.10.0-327.rt56.204.el7 | oval | oval:com.redhat.rhsa:tst:20152411013 |
comment | kernel-rt-trace-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150727014 |
|
|
|
|
| rhsa | id | RHSA-2015:2411 | released | 2015-11-19 | severity | Important | title | RHSA-2015:2411: kernel-rt security, bug fix, and enhancement update (Important) |
|
| rpms | - kernel-0:3.10.0-327.el7
- kernel-abi-whitelists-0:3.10.0-327.el7
- kernel-bootwrapper-0:3.10.0-327.el7
- kernel-debug-0:3.10.0-327.el7
- kernel-debug-debuginfo-0:3.10.0-327.el7
- kernel-debug-devel-0:3.10.0-327.el7
- kernel-debuginfo-0:3.10.0-327.el7
- kernel-debuginfo-common-ppc64-0:3.10.0-327.el7
- kernel-debuginfo-common-ppc64le-0:3.10.0-327.el7
- kernel-debuginfo-common-s390x-0:3.10.0-327.el7
- kernel-debuginfo-common-x86_64-0:3.10.0-327.el7
- kernel-devel-0:3.10.0-327.el7
- kernel-doc-0:3.10.0-327.el7
- kernel-headers-0:3.10.0-327.el7
- kernel-kdump-0:3.10.0-327.el7
- kernel-kdump-debuginfo-0:3.10.0-327.el7
- kernel-kdump-devel-0:3.10.0-327.el7
- kernel-tools-0:3.10.0-327.el7
- kernel-tools-debuginfo-0:3.10.0-327.el7
- kernel-tools-libs-0:3.10.0-327.el7
- kernel-tools-libs-devel-0:3.10.0-327.el7
- perf-0:3.10.0-327.el7
- perf-debuginfo-0:3.10.0-327.el7
- python-perf-0:3.10.0-327.el7
- python-perf-debuginfo-0:3.10.0-327.el7
- kernel-rt-0:3.10.0-327.rt56.204.el7
- kernel-rt-debug-0:3.10.0-327.rt56.204.el7
- kernel-rt-debug-debuginfo-0:3.10.0-327.rt56.204.el7
- kernel-rt-debug-devel-0:3.10.0-327.rt56.204.el7
- kernel-rt-debuginfo-0:3.10.0-327.rt56.204.el7
- kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.rt56.204.el7
- kernel-rt-devel-0:3.10.0-327.rt56.204.el7
- kernel-rt-doc-0:3.10.0-327.rt56.204.el7
- kernel-rt-trace-0:3.10.0-327.rt56.204.el7
- kernel-rt-trace-debuginfo-0:3.10.0-327.rt56.204.el7
- kernel-rt-trace-devel-0:3.10.0-327.rt56.204.el7
|
|
refmap
via4
|
bid | 77097 | confirm | | mlist | [oss-security] 20151015 Re: CVE Request - Linux kernel - securelevel/secureboot bypass. |
|
Last major update |
05-10-2017 - 14:43 |
Published |
19-09-2017 - 16:29 |
Last modified |
05-10-2017 - 14:43 |