6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
The Linux kernel before 3.15.4 on Intel processors does not properly
restrict use of a non-canonical value for the saved RIP address in the case
of a system call that does not use IRET, which allows local users to
leverage a race condition and gain privileges, or cause a denial of service
(double fault), via a crafted application that makes ptrace and fork system
calls.
Author | Note |
---|---|
jdstrand | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels |
jj | begin sha1 is not actual commit that broke it just first kernel (2.6.17) as reported by Andy Lutomirski x86_64 only. Likely intel only |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | linux | < 2.6.32-62.126 | UNKNOWN |
ubuntu | 12.04 | noarch | linux | < 3.2.0-65.99 | UNKNOWN |
ubuntu | 13.10 | noarch | linux | < 3.11.0-24.42 | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < 3.13.0-30.55 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-armadaxp | < 3.2.0-1636.53 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-ec2 | < 2.6.32-366.81 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-quantal | < 3.5.0-52.79~precise1 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-raring | < 3.8.0-42.63~precise1 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-saucy | < 3.11.0-24.42~precise1 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-trusty | < 3.13.0-30.55~precise1 | UNKNOWN |
launchpad.net/bugs/cve/CVE-2014-4699
nvd.nist.gov/vuln/detail/CVE-2014-4699
security-tracker.debian.org/tracker/CVE-2014-4699
ubuntu.com/security/notices/USN-2266-1
ubuntu.com/security/notices/USN-2267-1
ubuntu.com/security/notices/USN-2268-1
ubuntu.com/security/notices/USN-2269-1
ubuntu.com/security/notices/USN-2270-1
ubuntu.com/security/notices/USN-2271-1
ubuntu.com/security/notices/USN-2272-1
ubuntu.com/security/notices/USN-2273-1
ubuntu.com/security/notices/USN-2274-1
ubuntu.com/security/notices/USN-2284-1
www.cve.org/CVERecord?id=CVE-2014-4699