13 Sep 2019
Vulnérabilité CVE-2019-15031 CVE Vulnerability
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c. (CVSS:3.6) (Last Update:2019-09-16)
Vulnerability Details : In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c. Publish Date : 2019-09-13 Last Update Date : 2019-09-16 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2019-15031
- Number Of Affected Versions By Product
- References For CVE-2019-15031
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2019-15031There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |