Vulnerability Details : CVE-2014-2039
arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (system crash) by executing a crafted instruction.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2014-2039
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-2039
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-2039
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST |
CWE ids for CVE-2014-2039
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-2039
-
http://www.securityfocus.com/bid/65700
Linux Kernel CVE-2014-2039 Local Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
https://bugzilla.redhat.com/show_bug.cgi?id=1067558
1067558 – (CVE-2014-2039) CVE-2014-2039 Kernel: s390: crash due to linkage stack instructionsIssue Tracking;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2014/02/20/14
oss-security - Re: CVE Request: Linux kernel: s390: crash due to linkage stack instructionMailing List;Patch;Third Party Advisory
-
https://github.com/torvalds/linux/commit/8d7f6690cedb83456edd41c9bd583783f0703bf0
s390: fix kernel crash due to linkage stack instructions · torvalds/linux@8d7f669 · GitHubPatch;Third Party Advisory
-
http://linux.oracle.com/errata/ELSA-2014-0771.html
linux.oracle.com | ELSA-2014-0771Third Party Advisory
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d7f6690cedb83456edd41c9bd583783f0703bf0
-
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.5
Release Notes;Vendor Advisory
Jump to