Vulnerability Details : CVE-2014-9322
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.
Products affected by CVE-2014-9322
- cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp4:*:*:ltss:*:*:*
- cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-9322
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-9322
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2014-9322
-
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-9322
-
http://rhn.redhat.com/errata/RHSA-2014-2028.html
RHSA-2014:2028 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
[security-announce] openSUSE-SU-2015:0566-1: important: kernel update foMailing List;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2014/12/15/6
oss-security - Linux kernel: multiple x86_64 vulnerabilitiesMailing List;Patch;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=142722544401658&w=2
'[security bulletin] HPSBGN03282 rev.1 - HP Business Service Manager Virtual Appliance, Multiple Vuln' - MARCMailing List;Third Party Advisory
-
https://help.joyent.com/entries/98788667-Security-Advisory-ZDI-CAN-3263-ZDI-CAN-3284-and-ZDI-CAN-3364-Vulnerabilities
Security Advisory: ZDI-CAN-3263, ZDI-CAN-3284 and ZDI-CAN-3364 Vulnerabilities – Joyent SupportPermissions Required;Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1172806
1172806 – (CVE-2014-9322) CVE-2014-9322 kernel: x86: local privesc due to bad_iret and paranoid entry incompatibilityIssue Tracking;Patch;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-0009.html
RHSA-2015:0009 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2014-2008.html
RHSA-2014:2008 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.5
Mailing List;Patch;Vendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2014-2031.html
RHSA-2014:2031 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6f442be2fb22be02cafa606f1769fa1e6f894441
kernel/git/torvalds/linux.git - Linux kernel source treeMailing List;Patch;Vendor Advisory
-
http://www.ubuntu.com/usn/USN-2491-1
USN-2491-1: Linux kernel (EC2) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2014-1998.html
RHSA-2014:1998 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://marc.info/?l=bugtraq&m=142722450701342&w=2
'[security bulletin] HPSBGN03285 rev.1 - HP Business Service Manager Virtual Appliance, Multiple Vul' - MARCMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
[security-announce] SUSE-SU-2015:0736-1: important: Security update forMailing List;Third Party Advisory
-
http://www.zerodayinitiative.com/advisories/ZDI-16-170
ZDI-16-170 | Zero Day InitiativeThird Party Advisory;VDB Entry
-
http://www.exploit-db.com/exploits/36266
Linux Kernel 3.17.5 - IRET Instruction #SS Fault Handling Crash (PoC) - Linux_x86-64 dos ExploitExploit;Third Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
[security-announce] SUSE-SU-2015:0812-1: important: Security update forMailing List;Third Party Advisory
-
http://source.android.com/security/bulletin/2016-04-02.html
Nexus Security Bulletin—April 2016 | Android Open Source ProjectPatch;Third Party Advisory
-
https://github.com/torvalds/linux/commit/6f442be2fb22be02cafa606f1769fa1e6f894441
x86_64, traps: Stop using IST for #SS · torvalds/linux@6f442be · GitHubPatch;Third Party Advisory
Jump to