{
  "threat_severity" : "Important",
  "public_date" : "2015-03-11T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: infiniband: uverbs: unprotected physical memory access",
    "id" : "1181166",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1181166"
  },
  "cvss" : {
    "cvss_base_score" : "6.2",
    "cvss_scoring_vector" : "AV:L/AC:H/Au:N/C:C/I:C/A:C",
    "status" : "verified"
  },
  "cwe" : "CWE-190",
  "details" : [ "The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by leveraging permissions on a uverbs device under /dev/infiniband/.", "It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system." ],
  "statement" : "This issue did affect the Linux kernel packages as shipped with Red Hat\nEnterprise Linux 5, 6, and 7, and Red Hat Enterprise MRG 2. This issue\nhas been addressed in the respective releases.",
  "acknowledgement" : "Red Hat would like to thank Mellanox for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2015-04-07T00:00:00Z",
    "advisory" : "RHSA-2015:0783",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "kernel-0:2.6.18-404.el5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5.6 Long Life",
    "release_date" : "2015-04-30T00:00:00Z",
    "advisory" : "RHSA-2015:0919",
    "cpe" : "cpe:/o:redhat:rhel_mission_critical:5.6",
    "package" : "kernel-0:2.6.18-238.55.1.el5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5.9 Extended Update Support",
    "release_date" : "2015-04-22T00:00:00Z",
    "advisory" : "RHSA-2015:0870",
    "cpe" : "cpe:/o:redhat:rhel_eus:5.9",
    "package" : "kernel-0:2.6.18-348.30.1.el5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2015-03-11T00:00:00Z",
    "advisory" : "RHSA-2015:0674",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "kernel-0:2.6.32-504.12.2.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.2 Advanced Update Support",
    "release_date" : "2015-03-17T00:00:00Z",
    "advisory" : "RHSA-2015:0695",
    "cpe" : "cpe:/o:redhat:rhel_mission_critical:6.2",
    "package" : "kernel-0:2.6.32-220.60.2.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.4 Advanced Update Support",
    "release_date" : "2015-04-14T00:00:00Z",
    "advisory" : "RHSA-2015:0803",
    "cpe" : "cpe:/o:redhat:rhel_aus:6.4",
    "package" : "kernel-0:2.6.32-358.59.1.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.5 Extended Update Support",
    "release_date" : "2015-04-07T00:00:00Z",
    "advisory" : "RHSA-2015:0782",
    "cpe" : "cpe:/o:redhat:rhel_eus:6.5",
    "package" : "kernel-0:2.6.32-431.53.2.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-03-26T00:00:00Z",
    "advisory" : "RHSA-2015:0727",
    "cpe" : "cpe:/a:redhat:rhel_extras_rt:7",
    "package" : "kernel-rt-0:3.10.0-229.1.2.rt56.141.2.el7_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-03-26T00:00:00Z",
    "advisory" : "RHSA-2015:0726",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-0:3.10.0-229.1.2.ael7b"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "release_date" : "2015-03-30T00:00:00Z",
    "advisory" : "RHSA-2015:0751",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6",
    "package" : "kernel-rt-1:3.10.0-229.rt56.147.el6rt"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 4",
    "fix_state" : "Will not fix",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4"
  }, {
    "product_name" : "Red Hat Enterprise Linux Extended Update Support 5.6",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:rhel_eus:5.6"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2014-8159\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-8159" ],
  "name" : "CVE-2014-8159",
  "csaw" : false
}