Updated: 2023-12-06
CWE: Buffer Errors
Description:
Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd.
CVSS3:
OS | Vendor version | Errata |
---|---|---|
RHEL 7 | 3.10.0-229.11.1.el7 | RHSA-2015:1534 |
Ubuntu 14.04 | 3.13.0-51.84 | USN-2588-1 |
Ubuntu 14.04 ESM | 3.13.0-51.84 | USN-2588-1 |
CentOS 7 | 3.10.0-229.11.1.el7 | CESA-2015:1534 |
CentOS 7 plus | 3.10.0-229.11.1.el7.centos.plus | CESA-2015:1534 |
Oracle Linux 7 | 3.10.0-229.11.1.el7 | ELSA-2015-1534 |
OS | Original kernel version | State |
---|---|---|
RHEL 7 |
3.10.0-123.8.1.el7
show all
hide all
3.10.0-123.13.1.el7
3.10.0-229.el7
3.10.0-123.6.3.el7
3.10.0-123.13.2.el7
3.10.0-123.20.1.el7
3.10.0-123.4.2.el7
3.10.0-123.1.2.el7
3.10.0-123.9.2.el7
3.10.0-123.9.3.el7
3.10.0-123.el7
3.10.0-123.4.4.el7
3.10.0-229.4.2.el7
3.10.0-229.7.2.el7
3.10.0-229.1.2.el7
|
Released |
Ubuntu 14.04 |
3.13.0-39.66
show all
hide all
3.13.0-37.64
3.13.0-49.83
3.13.0-41.70
3.13.0-36.63
3.13.0-44.73
3.13.0-49.81
3.13.0-46.75
3.13.0-40.69
3.13.0-33.58
3.13.0-43.72
3.13.0-38.65
3.13.0-45.74
3.13.0-46.76
3.13.0-40.68
3.13.0-46.77
3.13.0-32.57
3.13.0-46.79
3.13.0-34.60
3.13.0-35.62
3.13.0-48.80
|
Released |
Ubuntu 14.04 ESM | |
Ready For Release |
CentOS 7 |
3.10.0-229.7.2.el7
show all
hide all
3.10.0-229.el7
3.10.0-123.1.2.el7
3.10.0-123.4.2.el7
3.10.0-123.6.3.el7
3.10.0-123.13.1.el7
3.10.0-123.8.1.el7
3.10.0-123.9.2.el7
3.10.0-229.4.2.el7
3.10.0-123.13.2.el7
3.10.0-123.9.3.el7
3.10.0-123.el7
3.10.0-229.1.2.el7
3.10.0-123.4.4.el7
3.10.0-123.20.1.el7
|
Released |
CentOS 7 plus |
3.10.0-123.8.1.el7.centos.plus
show all
hide all
3.10.0-123.6.3.el7.centos.plus
3.10.0-123.4.4.el7.centos.plus
3.10.0-123.13.2.el7.centos.plus
3.10.0-229.7.2.el7.centos.plus
3.10.0-123.9.2.el7.centos.plus
3.10.0-229.el7.centos.plus
3.10.0-123.20.1.el7.centos.plus
3.10.0-123.13.1.el7.centos.plus
3.10.0-229.4.2.el7.centos.plus
3.10.0-229.1.2.el7.centos.plus
3.10.0-123.9.3.el7.centos.plus
3.10.0-123.el7.centos.plus
3.10.0-123.1.2.el7.centos.plus
3.10.0-123.4.2.el7.centos.plus
|
Released |
Oracle Linux 7 |
3.10.0-229.7.2.el7
show all
hide all
3.10.0-229.1.2.el7
3.10.0-123.20.1.el7
3.10.0-123.13.1.el7
3.10.0-229.4.2.el7
3.10.0-123.13.2.el7
3.10.0-123.4.4.el7
3.10.0-229.el7
3.10.0-123.6.3.el7
3.10.0-123.4.2.el7
3.10.0-123.9.3.el7
3.10.0-123.el7
3.10.0-123.8.1.el7
3.10.0-123.9.2.el7
3.10.0-123.1.2.el7
|
Released |
CloudLinux OS 7 |
3.10.0-233.1.2.lve1.3.33.4.el7
show all
hide all
3.10.0-329.7.2.lve1.3.58.el7
3.10.0-223.1.2.lve1.3.22.el7
3.10.0-223.1.2.lve1.3.33.3.el7
3.10.0-223.1.2.lve1.3.33.el7
3.10.0-233.1.2.lve1.3.33.1.el7
3.10.0-329.7.2.lve1.3.50.el7
3.10.0-329.7.2.lve1.4.2.el7
3.10.0-329.7.2.lve1.3.55.el7
3.10.0-329.7.2.lve1.4.4.el7
|
Released |
OEL 7 Dell | |
Ready For Release |
Endurance 7 eig 3.10 | |
Ready For Release |
Debian 10 cloud | |
Will Not Fix |
Debian 9 backports | |
Will Not Fix |