{
  "threat_severity" : "Moderate",
  "public_date" : "2016-04-13T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: incorrect restoration of machine specific registers from userspace",
    "id" : "1326540",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1326540"
  },
  "cvss" : {
    "cvss_base_score" : "4.4",
    "cvss_scoring_vector" : "AV:L/AC:M/Au:S/C:N/I:N/A:C",
    "status" : "verified"
  },
  "cwe" : "CWE-772",
  "details" : [ "The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.", "A flaw was found in the Linux kernel which could cause a kernel panic when restoring machine specific registers on the PowerPC platform. Incorrect transactional memory state registers could inadvertently change the call path on return from userspace and cause the kernel to enter an unknown state and crash." ],
  "statement" : "This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 5 and 6,\nThis issue affects the Linux kernels as shipped with Red Hat Enterprise Linux 7 and MRG-2 realtime kernels.\nFor additional information, refer\nto the Red Hat Enterprise Linux Life Cycle:\nhttps://access.redhat.com/support/policy/updates/errata/ .",
  "acknowledgement" : "This issue was discovered by Miroslav Vadkerti (Red Hat Engineering).",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-11-03T00:00:00Z",
    "advisory" : "RHSA-2016:2584",
    "cpe" : "cpe:/a:redhat:rhel_extras_rt:7",
    "package" : "kernel-rt-0:3.10.0-514.rt56.420.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-11-03T00:00:00Z",
    "advisory" : "RHSA-2016:2574",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-0:3.10.0-514.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 4",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "fix_state" : "Affected",
    "package_name" : "kernel-realtime",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2015-8845\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-8845" ],
  "name" : "CVE-2015-8845",
  "csaw" : false
}