VDB
CVE-2015-7837
CVE-2015-7837
PUBLISHED
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.
EPSS 0.07% · 22.3th percentile
Risk Scores
EPSS Score
0.07%
22.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:FIPS-updates:24.04:LTS | linux-gcp-fips | 6.8.0-1037.39+fips1, 6.8.0-1036.38+fips1, 0 |
| Ubuntu:Pro:FIPS-updates:20.04:LTS | linux-gcp-fips | 5.4.0-1124.133+fips1, 5.4.0-1122.131+fips1, 5.4.0-1120.129+fips1 |
| Ubuntu:Pro:20.04:LTS | linux-azure-fde-5.15 | 5.15.0-1061.70~20.04.1.1, 5.15.0-1042.49~20.04.1.1, 5.15.0-1041.48~20.04.1.1 |
| Ubuntu:Pro:20.04:LTS | linux-azure-5.15 | *, 5.15.0-1064.73~20.04.1, * |
| Ubuntu:24.04:LTS | linux-oracle-6.17 | 0, 6.17.0-1004.4~24.04.2, 6.17.0-1007.7~24.04.1 |
| Ubuntu:22.04:LTS | linux-realtime | 5.15.0-1032.35, 0 |
| Ubuntu:22.04:LTS | linux-riscv-6.8 | *, *, * |
| Ubuntu:Pro:Realtime:24.04:LTS | linux-realtime-6.14 | 6.14.0-1014.14~24.04.1, *, * |
| Ubuntu:22.04:LTS | linux-lowlatency-hwe-6.8 | 6.8.0-79.79.1~22.04.1, *, * |
| Ubuntu:22.04:LTS | linux-azure-6.8 | 6.8.0-1015.17~22.04.2, 6.8.0-1017.20~22.04.1, 6.8.0-1020.23~22.04.1 |
| Ubuntu:Pro:FIPS-updates:22.04:LTS | linux-azure-fips | 5.15.0-1095.104+fips1, 0, * |
| Ubuntu:22.04:LTS | linux-lowlatency | 5.15.0-91.101, 5.15.0-125.135, 5.15.0-110.120 |
| Ubuntu:Pro:FIPS-updates:24.04:LTS | linux-fips | 6.8.0-38.38+fips4, 6.8.0-78.78+fips1, 6.8.0-79.79+fips1 |
| Ubuntu:Pro:FIPS-updates:20.04:LTS | linux-fips | 5.4.0-1072.81, 5.4.0-1107.117, 5.4.0-1100.110 |
| Ubuntu:24.04:LTS | linux-realtime | 0, 6.8.1-1015.16 |
| Ubuntu:24.04:LTS | linux-aws-6.14 | 6.14.0-1015.15~24.04.1, 6.14.0-1016.16~24.04.1, 6.14.0-1018.18~24.04.1 |
| Ubuntu:Pro:20.04:LTS | linux-nvidia-tegra-5.15 | 5.15.0-1047.47~20.04.1, 5.15.0-1048.48~20.04.1, 5.15.0-1050.50~20.04.1 |
| Ubuntu:22.04:LTS | linux-kvm | 5.15.0-1052.57, 5.15.0-1049.54, 5.15.0-1053.58 |
| Ubuntu:Pro:Realtime:22.04:LTS | linux-realtime-6.8 | 6.8.1-1007.7~22.04.1, *, * |
| Ubuntu:Pro:18.04:LTS | linux-raspi-5.4 | 5.4.0-1069.79~18.04.1, 5.4.0-1070.80~18.04.1, 5.4.0-1071.81~18.04.1 |
…and 133 more
Timeline
- Oct 15, 2015 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2015-7837 third-party-advisory
- http://www.openwall.com/lists/oss-security/2015/10/15 third-party-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1243998#c3 third-party-advisory
- https://ubuntu.com/security/notices/USN-3405-1 vendor-advisory
- https://ubuntu.com/security/notices/USN-3405-2 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2015-7837 third-party-advisory