6.9

CVE-2014-4699

Exploit
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.17 < 3.2.61
LinuxLinux Kernel Version >= 3.3 < 3.4.97
LinuxLinux Kernel Version >= 3.5 < 3.10.47
LinuxLinux Kernel Version >= 3.11 < 3.12.25
LinuxLinux Kernel Version >= 3.13 < 3.14.11
LinuxLinux Kernel Version >= 3.15 < 3.15.4
DebianDebian Linux Version7.0
CanonicalUbuntu Linux Version10.04 SwEdition-
CanonicalUbuntu Linux Version12.04 SwEditionesm
CanonicalUbuntu Linux Version13.10
CanonicalUbuntu Linux Version14.04 SwEditionesm
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.32% 0.813
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a
Third Party Advisory
Broken Link
http://linux.oracle.com/errata/ELSA-2014-0924.html
Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-3047.html
Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-3048.html
Third Party Advisory
http://openwall.com/lists/oss-security/2014/07/05/4
Third Party Advisory
Mailing List
http://openwall.com/lists/oss-security/2014/07/08/16
Third Party Advisory
Mailing List
http://openwall.com/lists/oss-security/2014/07/08/5
Third Party Advisory
Mailing List
http://packetstormsecurity.com/files/127573/Linux-Kernel-ptrace-sysret-Local-Privilege-Escalation.html
Third Party Advisory
Exploit
VDB Entry
http://secunia.com/advisories/59633
Third Party Advisory
http://secunia.com/advisories/59639
Third Party Advisory
http://secunia.com/advisories/59654
Third Party Advisory
http://secunia.com/advisories/60220
Third Party Advisory
http://secunia.com/advisories/60380
Third Party Advisory
http://secunia.com/advisories/60393
Third Party Advisory
http://www.debian.org/security/2014/dsa-2972
Third Party Advisory
http://www.exploit-db.com/exploits/34134
Third Party Advisory
Exploit
VDB Entry
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.4
Vendor Advisory
Release Notes
http://www.openwall.com/lists/oss-security/2014/07/04/4
Third Party Advisory
Mailing List
http://www.osvdb.org/108754
Broken Link
http://www.ubuntu.com/usn/USN-2266-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2267-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2268-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2269-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2270-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2271-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2272-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2273-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2274-1
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1115927
Patch
Third Party Advisory
Issue Tracking
https://github.com/torvalds/linux/commit/b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a
Patch
Third Party Advisory
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.47
Vendor Advisory
Release Notes
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.11
Vendor Advisory
Release Notes
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.97
Vendor Advisory
Release Notes