{
  "threat_severity" : "Moderate",
  "public_date" : "2016-04-13T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: incorrect restoration of machine specific registers from userspace",
    "id" : "1326540",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1326540"
  },
  "cvss" : {
    "cvss_base_score" : "4.4",
    "cvss_scoring_vector" : "AV:L/AC:M/Au:S/C:N/I:N/A:C",
    "status" : "verified"
  },
  "cwe" : "CWE-772",
  "details" : [ "The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.", "A flaw was found in the Linux kernel which could cause a kernel panic when restoring machine specific registers on the PowerPC platform. Incorrect transactional memory state registers could inadvertently change the call path on return from userspace and cause the kernel to enter an unknown state and crash." ],
  "statement" : "This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 5 and 6,\nThis issue affects the Linux kernels as shipped with Red Hat Enterprise Linux 7 and MRG-2 realtime kernels.\nFor additional information, refer\nto the Red Hat Enterprise Linux Life Cycle:\nhttps://access.redhat.com/support/policy/updates/errata/ .",
  "acknowledgement" : "This issue was discovered by Miroslav Vadkerti (Red Hat Engineering).",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-11-03T00:00:00Z",
    "advisory" : "RHSA-2016:2584",
    "cpe" : "cpe:/a:redhat:rhel_extras_rt:7",
    "package" : "kernel-rt-0:3.10.0-514.rt56.420.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-11-03T00:00:00Z",
    "advisory" : "RHSA-2016:2574",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-0:3.10.0-514.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 4",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "fix_state" : "Affected",
    "package_name" : "kernel-realtime",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2015-8844\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-8844" ],
  "name" : "CVE-2015-8844",
  "csaw" : false
}