Cloud Foundry Logo
blog single gear
Blog
Security Advisory

CVE-2015-3290 Linux Kernel NMI Vulnerability

by: July 29, 2015

CVE-2015-3290 Linux Kernel NMI Vulnerability

Severity

High

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu – Kernel 3.19

Description

A flaw was found in Linux kernel’s handling of nested non-maskable interrupts (NMIs). This flaw could allow an unprivileged local user to escalate their privileges or potentially cause a denial of service through a system crash.

Affected Products and Versions

Severity is high unless otherwise noted.

  • The Cloud Foundry project BOSH stemcells version 3025 or earlier contain this vulnerability.

Mitigation

Users of affected versions should apply the following mitigation:

  • The Cloud Foundry project has released BOSH stemcell 3026 which contains a patched version of the Linux kernel. It is recommended that Cloud Foundry Runtime deployments apply stemcell version 3026 or greater.

Credit

Andy Lutomirski

References

Cloud Foundry Foundation Security Team Profile Image

Cloud Foundry Foundation Security Team, AUTHOR

SEE ALL ARTICLES

You Might Also Like

USN-4144-1: Linux kernel vulnerabilities
Security Advisory

USN-4144-1: Linux kernel vulnerabilities

by Cloud Foundry Foundation Security Team November 6, 2019
USN-6517-1: Perl vulnerabilities
Security Advisory

USN-6517-1: Perl vulnerabilities

by Cloud Foundry Foundation Security Team March 18, 2024
USN-2837-1 bind9 vulnerability
Security Advisory

USN-2837-1 bind9 vulnerability

by Cloud Foundry Foundation Security Team January 7, 2016
This website uses cookies to offer you a better browsing experience. Find out more about how we use cookies and how you can change your settings. Accept