2.1

CVE-2014-9419

The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 3.18.1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.44% 0.347
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.debian.org/security/2015/dsa-3128
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
http://www.ubuntu.com/usn/USN-2515-1
http://www.ubuntu.com/usn/USN-2516-1
http://www.ubuntu.com/usn/USN-2517-1
http://www.ubuntu.com/usn/USN-2518-1
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f647d7c155f069c1a068030255c300663516420e
http://rhn.redhat.com/errata/RHSA-2015-1081.html
http://www.openwall.com/lists/oss-security/2014/12/25/1
http://www.securityfocus.com/bid/71794
http://www.ubuntu.com/usn/USN-2541-1
http://www.ubuntu.com/usn/USN-2542-1
https://bugzilla.redhat.com/show_bug.cgi?id=1177260
Vendor Advisory
https://github.com/torvalds/linux/commit/f647d7c155f069c1a068030255c300663516420e