7.2

CVE-2014-3534

arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a crafted application that makes a ptrace system call.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 3.2.62
LinuxLinux Kernel Version >= 3.3 < 3.4.101
LinuxLinux Kernel Version >= 3.5 < 3.10.51
LinuxLinux Kernel Version >= 3.11 < 3.12.27
LinuxLinux Kernel Version >= 3.13 < 3.14.15
LinuxLinux Kernel Version >= 3.15 < 3.15.8
DebianDebian Linux Version7.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.47% 0.368
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

http://secunia.com/advisories/59790
Third Party Advisory
http://www.debian.org/security/2014/dsa-2992
Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dab6cf55f81a6e16b8147aed9a843e1691dcd318
Broken Link
http://secunia.com/advisories/60351
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.8
Vendor Advisory
Release Notes
http://www.osvdb.org/109546
Broken Link
http://www.securityfocus.com/bid/68940
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1030683
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1114089
Third Party Advisory
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/95069
Third Party Advisory
VDB Entry
https://github.com/torvalds/linux/commit/dab6cf55f81a6e16b8147aed9a843e1691dcd318
Patch
Third Party Advisory