The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.
http://linux.oracle.com/errata/ELSA-2014-0924.html
http://linux.oracle.com/errata/ELSA-2014-3047.html
http://linux.oracle.com/errata/ELSA-2014-3048.html
http://openwall.com/lists/oss-security/2014/07/05/4
http://openwall.com/lists/oss-security/2014/07/08/16
http://openwall.com/lists/oss-security/2014/07/08/5
http://secunia.com/advisories/59633
http://secunia.com/advisories/59639
http://secunia.com/advisories/59654
http://secunia.com/advisories/60220
http://secunia.com/advisories/60380
http://secunia.com/advisories/60393
http://www.debian.org/security/2014/dsa-2972
http://www.exploit-db.com/exploits/34134
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.4
http://www.openwall.com/lists/oss-security/2014/07/04/4
http://www.ubuntu.com/usn/USN-2266-1
http://www.ubuntu.com/usn/USN-2267-1
http://www.ubuntu.com/usn/USN-2268-1
http://www.ubuntu.com/usn/USN-2269-1
http://www.ubuntu.com/usn/USN-2270-1
http://www.ubuntu.com/usn/USN-2271-1
http://www.ubuntu.com/usn/USN-2272-1
http://www.ubuntu.com/usn/USN-2273-1
http://www.ubuntu.com/usn/USN-2274-1
https://bugzilla.redhat.com/show_bug.cgi?id=1115927
https://github.com/torvalds/linux/commit/b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.47
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.11
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.97
OR
OR
OR
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
124977 | EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1524) | Nessus | Huawei Local Security Checks | high |
124805 | EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1481) | Nessus | Huawei Local Security Checks | high |
99163 | OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW) | Nessus | OracleVM Local Security Checks | critical |
83640 | SUSE SLES11 Security Update : kernel (SUSE-SU-2014:1138-1) | Nessus | SuSE Local Security Checks | medium |
83633 | SUSE SLES11 Security Update : kernel (SUSE-SU-2014:1105-1) | Nessus | SuSE Local Security Checks | high |
81800 | Oracle Linux 7 : kernel (ELSA-2015-0290) | Nessus | Oracle Linux Local Security Checks | high |
79111 | RHEL 6 : kernel (RHSA-2014:0925) | Nessus | Red Hat Local Security Checks | medium |
79037 | RHEL 6 : kernel (RHSA-2014:0949) | Nessus | Red Hat Local Security Checks | medium |
77355 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2014-3070) | Nessus | Oracle Linux Local Security Checks | high |
77177 | openSUSE Security Update : kernel (openSUSE-SU-2014:0985-1) | Nessus | SuSE Local Security Checks | high |
77074 | Mandriva Linux Security Advisory : kernel (MDVSA-2014:155) | Nessus | Mandriva Local Security Checks | medium |
76988 | openSUSE Security Update : kernel (openSUSE-SU-2014:0957-1) | Nessus | SuSE Local Security Checks | medium |
76906 | RHEL 7 : kernel (RHSA-2014:0923) | Nessus | Red Hat Local Security Checks | medium |
76851 | Fedora 19 : kernel-3.14.13-100.fc19 (2014-8487) | Nessus | Fedora Local Security Checks | medium |
76838 | CentOS 6 : kernel (CESA-2014:0924) | Nessus | CentOS Local Security Checks | medium |
76837 | CentOS 7 : kernel (CESA-2014:0923) | Nessus | CentOS Local Security Checks | medium |
76783 | Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20140723) | Nessus | Scientific Linux Local Security Checks | medium |
76781 | Oracle Linux 7 : unbreakable enterprise kernel (ELSA-2014-3049) | Nessus | Oracle Linux Local Security Checks | high |
76750 | RHEL 6 : kernel (RHSA-2014:0924) | Nessus | Red Hat Local Security Checks | medium |
76747 | Oracle Linux 6 : kernel (ELSA-2014-0924) | Nessus | Oracle Linux Local Security Checks | medium |
76746 | Oracle Linux 7 : kernel (ELSA-2014-0923) | Nessus | Oracle Linux Local Security Checks | medium |
76696 | RHEL 6 : kernel-rt (RHSA-2014:0913) | Nessus | Red Hat Local Security Checks | high |
76603 | Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3048) | Nessus | Oracle Linux Local Security Checks | medium |
76602 | Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3047) | Nessus | Oracle Linux Local Security Checks | medium |
76601 | Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2014-3046) | Nessus | Oracle Linux Local Security Checks | high |
76557 | SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 9488 / 9491 / 9493) | Nessus | SuSE Local Security Checks | critical |
76468 | Fedora 20 : kernel-3.15.4-200.fc20 (2014-8171) | Nessus | Fedora Local Security Checks | medium |
76387 | Debian DSA-2972-1 : linux - security update | Nessus | Debian Local Security Checks | medium |
76386 | Ubuntu 14.04 LTS : linux vulnerability (USN-2274-1) | Nessus | Ubuntu Local Security Checks | medium |
76385 | Ubuntu 13.10 : linux vulnerability (USN-2273-1) | Nessus | Ubuntu Local Security Checks | medium |
76384 | Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-2272-1) | Nessus | Ubuntu Local Security Checks | medium |
76383 | Ubuntu 12.04 LTS : linux-lts-saucy vulnerability (USN-2271-1) | Nessus | Ubuntu Local Security Checks | medium |
76382 | Ubuntu 12.04 LTS : linux-lts-raring vulnerability (USN-2270-1) | Nessus | Ubuntu Local Security Checks | medium |
76381 | Ubuntu 12.04 LTS : linux-lts-quantal vulnerability (USN-2269-1) | Nessus | Ubuntu Local Security Checks | medium |
76380 | Ubuntu 12.04 LTS : linux vulnerability (USN-2268-1) | Nessus | Ubuntu Local Security Checks | medium |
76379 | Ubuntu 10.04 LTS : linux-ec2 vulnerability (USN-2267-1) | Nessus | Ubuntu Local Security Checks | medium |
76378 | Ubuntu 10.04 LTS : linux vulnerability (USN-2266-1) | Nessus | Ubuntu Local Security Checks | medium |