First published: Thu Jul 03 2014(Updated: )
It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel | <0:2.6.32-431.20.5.el6 | 0:2.6.32-431.20.5.el6 |
redhat/kernel | <0:2.6.32-220.53.1.el6 | 0:2.6.32-220.53.1.el6 |
redhat/kernel | <0:2.6.32-358.46.2.el6 | 0:2.6.32-358.46.2.el6 |
redhat/kernel | <0:3.10.0-123.4.4.el7 | 0:3.10.0-123.4.4.el7 |
redhat/kernel-rt | <0:3.10.33-rt32.43.el6 | 0:3.10.33-rt32.43.el6 |
Linux Linux kernel | <3.15.4 | |
Debian Debian Linux | =7.0 | |
Canonical Ubuntu Linux | =10.04 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =13.10 | |
Canonical Ubuntu Linux | =14.04 | |
Linux Linux kernel | >=2.6.17<3.2.61 | |
Linux Linux kernel | >=3.3<3.4.97 | |
Linux Linux kernel | >=3.5<3.10.47 | |
Linux Linux kernel | >=3.11<3.12.25 | |
Linux Linux kernel | >=3.13<3.14.11 | |
Linux Linux kernel | >=3.15<3.15.4 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 | |
>=2.6.17<3.2.61 | ||
>=3.3<3.4.97 | ||
>=3.5<3.10.47 | ||
>=3.11<3.12.25 | ||
>=3.13<3.14.11 | ||
>=3.15<3.15.4 | ||
=7.0 | ||
=10.04 | ||
=12.04 | ||
=13.10 | ||
=14.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)