CVE-2014-9322

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6f442be2fb22be02cafa606f1769fa1e6f894441

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html

http://marc.info/?l=bugtraq&m=142722450701342&w=2

http://marc.info/?l=bugtraq&m=142722544401658&w=2

http://osvdb.org/show/osvdb/115919

http://rhn.redhat.com/errata/RHSA-2014-1998.html

http://rhn.redhat.com/errata/RHSA-2014-2008.html

http://rhn.redhat.com/errata/RHSA-2014-2028.html

http://rhn.redhat.com/errata/RHSA-2014-2031.html

http://rhn.redhat.com/errata/RHSA-2015-0009.html

http://secunia.com/advisories/62336

http://source.android.com/security/bulletin/2016-04-02.html

http://www.exploit-db.com/exploits/36266

http://www.openwall.com/lists/oss-security/2014/12/15/6

http://www.ubuntu.com/usn/USN-2491-1

http://www.zerodayinitiative.com/advisories/ZDI-16-170

https://bugzilla.redhat.com/show_bug.cgi?id=1172806

https://github.com/torvalds/linux/commit/6f442be2fb22be02cafa606f1769fa1e6f894441

https://help.joyent.com/entries/98788667-Security-Advisory-ZDI-CAN-3263-ZDI-CAN-3284-and-ZDI-CAN-3364-Vulnerabilities

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.5

Details

Source: MITRE

Published: 2014-12-17

Updated: 2020-08-14

Type: CWE-269

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

View all (41 total)

IDNameProductFamilySeverity
124829EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1506)NessusHuawei Local Security Checks
high
124807EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1483)NessusHuawei Local Security Checks
high
99163OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW)NessusOracleVM Local Security Checks
critical
85947F5 Networks BIG-IP : Linux kernel vulnerability (SOL16122)NessusF5 Networks Local Security Checks
high
85097Oracle Linux 6 : kernel (ELSA-2015-1272)NessusOracle Linux Local Security Checks
high
83723SUSE SLES10 Security Update : kernel (SUSE-SU-2015:0812-1)NessusSuSE Local Security Checks
high
83665SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2015:0068-1)NessusSuSE Local Security Checks
high
83653SUSE SLES11 Security Update : kernel (SUSE-SU-2014:1698-1)NessusSuSE Local Security Checks
high
82691OracleVM 3.3 : kernel-uek (OVMSA-2015-0040)NessusOracleVM Local Security Checks
high
82020SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 10412 / 10415 / 10416)NessusSuSE Local Security Checks
high
81966Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2015-3012)NessusOracle Linux Local Security Checks
high
81800Oracle Linux 7 : kernel (ELSA-2015-0290)NessusOracle Linux Local Security Checks
high
81164Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2491-1)NessusUbuntu Local Security Checks
high
80578Mandriva Linux Security Advisory : kernel (MDVSA-2015:027)NessusMandriva Local Security Checks
high
80396RHEL 4 : kernel (RHSA-2015:0009)NessusRed Hat Local Security Checks
high
80250SuSE 11.3 Security Update : Linux kernel (SAT Patch Number 10103)NessusSuSE Local Security Checks
high
80216RHEL 5 : kernel (RHSA-2014:2031)NessusRed Hat Local Security Checks
high
80215RHEL 6 : kernel (RHSA-2014:2030)NessusRed Hat Local Security Checks
high
80214RHEL 5 : kernel (RHSA-2014:2029)NessusRed Hat Local Security Checks
high
80213RHEL 6 : kernel (RHSA-2014:2028)NessusRed Hat Local Security Checks
high
80158Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3108)NessusOracle Linux Local Security Checks
high
80157Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3107)NessusOracle Linux Local Security Checks
high
80156Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2014-3106)NessusOracle Linux Local Security Checks
high
80153openSUSE Security Update : Linux Kernel (openSUSE-SU-2014:1678-1)NessusSuSE Local Security Checks
high
80152openSUSE Security Update : the Linux Kernel (openSUSE-SU-2014:1677-1)NessusSuSE Local Security Checks
high
80150openSUSE Security Update : the Linux Kernel (openSUSE-SU-2014:1669-1)NessusSuSE Local Security Checks
high
80112Oracle Linux 7 : kernel (ELSA-2014-2010)NessusOracle Linux Local Security Checks
high
80111Oracle Linux 5 : kernel (ELSA-2014-2008)NessusOracle Linux Local Security Checks
high
80110Oracle Linux 5 : kernel (ELSA-2014-2008-1)NessusOracle Linux Local Security Checks
high
80106CentOS 7 : kernel (CESA-2014:2010)NessusCentOS Local Security Checks
high
80105CentOS 5 : kernel (CESA-2014:2008)NessusCentOS Local Security Checks
high
80100Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20141217)NessusScientific Linux Local Security Checks
high
80099Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20141216)NessusScientific Linux Local Security Checks
high
80098RHEL 7 : kernel (RHSA-2014:2010)NessusRed Hat Local Security Checks
high
80097RHEL 6 : kernel (RHSA-2014:2009)NessusRed Hat Local Security Checks
high
80096RHEL 5 : kernel (RHSA-2014:2008)NessusRed Hat Local Security Checks
high
80088CentOS 6 : kernel (CESA-2014:1997)NessusCentOS Local Security Checks
high
80073RHEL 6 : kernel-rt (RHSA-2014:1998)NessusRed Hat Local Security Checks
high
80072RHEL 6 : kernel (RHSA-2014:1997)NessusRed Hat Local Security Checks
high
80070Oracle Linux 6 : kernel (ELSA-2014-1997)NessusOracle Linux Local Security Checks
high
79725Amazon Linux AMI : kernel (ALAS-2014-455)NessusAmazon Linux Local Security Checks
high