First published: Fri Nov 07 2014(Updated: )
An out-of-bounds memory access flaw, CVE-2014-7825, was found in the syscall tracing functionality of the Linux kernel's perf subsystem. A local, unprivileged user could use this flaw to crash the system. Additionally, an out-of-bounds memory access flaw, CVE-2014-7826, was found in the syscall tracing functionality of the Linux kernel's ftrace subsystem. On a system with ftrace syscall tracing enabled, a local, unprivileged user could use this flaw to crash the system, or escalate their privileges.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel | <0:2.6.32-504.16.2.el6 | 0:2.6.32-504.16.2.el6 |
redhat/kernel | <0:3.10.0-229.el7 | 0:3.10.0-229.el7 |
redhat/kernel-rt | <0:3.10.58-rt62.58.el6 | 0:3.10.58-rt62.58.el6 |
Linux Linux kernel | >=2.6.32<3.2.65 | |
Linux Linux kernel | >=3.3<3.4.106 | |
Linux Linux kernel | >=3.5<3.10.60 | |
Linux Linux kernel | >=3.11<3.12.33 | |
Linux Linux kernel | >=3.13<3.14.24 | |
Linux Linux kernel | >=3.15<3.16.35 | |
Linux Linux kernel | >=3.17<3.17.3 | |
Opensuse Evergreen | =11.4 | |
SUSE SUSE Linux Enterprise Server | =11-sp2 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.12.5-1 6.12.6-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)