What is the severity of REDHAT-BUG-1272472?

REDHAT-BUG-1272472 is considered a high severity vulnerability as it allows attackers to bypass important security mechanisms.

How do I fix REDHAT-BUG-1272472?

To remediate REDHAT-BUG-1272472, ensure that your system is updated with the latest kernel patches provided by Red Hat.

What systems are affected by REDHAT-BUG-1272472?

REDHAT-BUG-1272472 affects Red Hat Linux kernel running with UEFI Secure Boot enabled.

What is the impact of exploiting REDHAT-BUG-1272472?

Exploiting REDHAT-BUG-1272472 could allow unauthorized access or modifications to the kernel, undermining system security.

Is there a workaround for REDHAT-BUG-1272472?

Currently, the recommended action is to apply the kernel updates, as there are no effective workarounds to mitigate REDHAT-BUG-1272472.

Vulnerability/
REDHAT-BUG-1272472

low

16/10/2015

1/6/2021

REDHAT-BUG-1272472

First published: Fri Oct 16 2015(Updated: )

A vulnerability was found in kexec, allowing the attacker to bypass the security mechanism of securelevel/secureboot combination. When the kernel was booted with UEFI Secure Boot enabled, securelevel is set. If kexec (either through crash or admin action) is then used to load the same kernel, after reboot securelevel is disabled. In this state, the system is missing the protections provided by securelevel, for example kexec may be used to load an unsigned kernel via the legacy system call kexec_load. In the securelevel patchset, the state of UEFI Secure Boot is queried in the EFI stub, and sets a boot_params flag to indicate the state of UEFI Secure Boot. This flag is then used in setup_arch() to determine the correct state of securelevel. If the kernel is not booted via the EFI stub, securelevel is not set even if UEFI Secure Boot is enabled. Patch can be found in product bug: <a class="bz_bug_link bz_status_CLOSED bz_closed bz_public " title="CLOSED ERRATA - CVE-2015-7837 kernel: securelevel disabled after kexec [rhel-7.2]" href="show_bug.cgi?id=1243998#c3">https://bugzilla.redhat.com/show_bug.cgi?id=1243998#c3</a> Upstream patch: <a href="https://github.com/mjg59/linux/commit/4b2b64d5a6ebc84214755ebccd599baef7c1b798">https://github.com/mjg59/linux/commit/4b2b64d5a6ebc84214755ebccd599baef7c1b798</a> CVE assignment: <a href="http://seclists.org/oss-sec/2015/q4/85">http://seclists.org/oss-sec/2015/q4/85</a>

Affected Software	Affected Version	How to fix
Red Hat Linux

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of REDHAT-BUG-1272472?
REDHAT-BUG-1272472 is considered a high severity vulnerability as it allows attackers to bypass important security mechanisms.
How do I fix REDHAT-BUG-1272472?
To remediate REDHAT-BUG-1272472, ensure that your system is updated with the latest kernel patches provided by Red Hat.
What systems are affected by REDHAT-BUG-1272472?
REDHAT-BUG-1272472 affects Red Hat Linux kernel running with UEFI Secure Boot enabled.
What is the impact of exploiting REDHAT-BUG-1272472?
Exploiting REDHAT-BUG-1272472 could allow unauthorized access or modifications to the kernel, undermining system security.
Is there a workaround for REDHAT-BUG-1272472?
Currently, the recommended action is to apply the kernel updates, as there are no effective workarounds to mitigate REDHAT-BUG-1272472.

agent/type
agent/references
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2015-7837
agent/last-modified-date
agent/severity
agent/description
agent/event
agent/source
agent/tags
agent/softwarecombine
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/red hat
canonical/red hat linux