Vulnerability Details : CVE-2014-9419
The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address.
Vulnerability category: Information leak
Products affected by CVE-2014-9419
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-9419
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 8 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-9419
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST |
CWE ids for CVE-2014-9419
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-9419
-
http://www.ubuntu.com/usn/USN-2518-1
USN-2518-1: Linux kernel vulnerabilities | Ubuntu security notices
-
https://github.com/torvalds/linux/commit/f647d7c155f069c1a068030255c300663516420e
x86_64, switch_to(): Load TLS descriptors before switching DS and ES · torvalds/linux@f647d7c · GitHub
-
http://www.ubuntu.com/usn/USN-2515-1
USN-2515-1: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu security notices
-
http://www.openwall.com/lists/oss-security/2014/12/25/1
oss-security - Re: CVE Request: Linux x86_64 userspace address leak
-
http://rhn.redhat.com/errata/RHSA-2015-1081.html
RHSA-2015:1081 - Security Advisory - Red Hat Customer Portal
-
http://www.securityfocus.com/bid/71794
Linux Kernel CVE-2014-9419 Local Information Disclosure Vulnerability
-
http://www.ubuntu.com/usn/USN-2542-1
USN-2542-1: Linux kernel (OMAP4) vulnerabilities | Ubuntu security notices
-
http://www.debian.org/security/2015/dsa-3128
Debian -- Security Information -- DSA-3128-1 linux
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f647d7c155f069c1a068030255c300663516420e
kernel/git/torvalds/linux.git - Linux kernel source tree
-
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
mandriva.com
-
http://www.ubuntu.com/usn/USN-2517-1
USN-2517-1: Linux kernel (Utopic HWE) vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
[security-announce] SUSE-SU-2015:0736-1: important: Security update for
-
http://www.ubuntu.com/usn/USN-2516-1
USN-2516-1: Linux kernel vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
[security-announce] openSUSE-SU-2015:0714-1: important: Security update
-
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html
[security-announce] SUSE-SU-2015:0529-1: important: Security update for
-
http://www.ubuntu.com/usn/USN-2541-1
USN-2541-1: Linux kernel vulnerabilities | Ubuntu security notices
-
https://bugzilla.redhat.com/show_bug.cgi?id=1177260
Vendor Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html
[SECURITY] Fedora 20 Update: kernel-3.17.8-200.fc20
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html
[SECURITY] Fedora 21 Update: kernel-3.17.8-300.fc21
Jump to