CVE-2015-0565

NameCVE-2015-0565
DescriptionNaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
nacl (PTS)bullseye20110221-6.1vulnerable
bookworm20110221-12vulnerable
sid, trixie20110221-14vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
naclsource(unstable)(unfixed)unimportant

Notes

https://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=284
Limited impact, and for chromium itself the CLFLUSH instruction has been
disalowed.

Search for package or bug name: Reporting problems