High severity7.0NVD Advisory· Published Feb 8, 2016· Updated May 6, 2026
CVE-2015-8709
CVE-2015-8709
Description
kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
25- lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.htmlnvd
- marc.infonvd
- marc.infonvd
- www.debian.org/security/2016/dsa-3434nvd
- www.openwall.com/lists/oss-security/2015/12/17/12nvd
- www.openwall.com/lists/oss-security/2015/12/31/5nvd
- www.securityfocus.com/bid/79899nvd
- www.securitytracker.com/id/1034899nvd
- bugzilla.redhat.com/show_bug.cginvd
- lkml.org/lkml/2015/12/25/71nvd
News mentions
0No linked articles in our index yet.