CVE-2014-7842: Race Condition
First published: Wed Sep 24 2014(Updated: )
It was found that reporting emulation failures to user space could lead to either a local (CVE-2014-7842) or a L2->L1 (CVE-2010-5313) denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain systems, HPET is mapped to userspace as part of vdso (vvar) and thus an unprivileged user may generate MMIO transactions (and enter the emulator) this way.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel | <0:2.6.32-642.el6 | 0:2.6.32-642.el6 |
| redhat/kernel | <0:3.10.0-327.el7 | 0:3.10.0-327.el7 |
| Linux Kernel | <=3.17.3 | |
| Linux Kernel | =3.0-rc1 | |
| Linux Kernel | =3.0-rc2 | |
| Linux Kernel | =3.0-rc3 | |
| Linux Kernel | =3.0-rc4 | |
| Linux Kernel | =3.0-rc5 | |
| Linux Kernel | =3.0-rc6 | |
| Linux Kernel | =3.0-rc7 | |
| Linux Kernel | =3.0.1 | |
| Linux Kernel | =3.0.2 | |
| Linux Kernel | =3.0.3 | |
| Linux Kernel | =3.0.4 | |
| Linux Kernel | =3.0.5 | |
| Linux Kernel | =3.0.6 | |
| Linux Kernel | =3.0.7 | |
| Linux Kernel | =3.0.8 | |
| Linux Kernel | =3.0.9 | |
| Linux Kernel | =3.0.10 | |
| Linux Kernel | =3.0.11 | |
| Linux Kernel | =3.0.12 | |
| Linux Kernel | =3.0.13 | |
| Linux Kernel | =3.0.14 | |
| Linux Kernel | =3.0.15 | |
| Linux Kernel | =3.0.16 | |
| Linux Kernel | =3.0.17 | |
| Linux Kernel | =3.0.18 | |
| Linux Kernel | =3.0.19 | |
| Linux Kernel | =3.0.20 | |
| Linux Kernel | =3.0.21 | |
| Linux Kernel | =3.0.22 | |
| Linux Kernel | =3.0.23 | |
| Linux Kernel | =3.0.24 | |
| Linux Kernel | =3.0.25 | |
| Linux Kernel | =3.0.26 | |
| Linux Kernel | =3.0.27 | |
| Linux Kernel | =3.0.28 | |
| Linux Kernel | =3.0.29 | |
| Linux Kernel | =3.0.30 | |
| Linux Kernel | =3.0.31 | |
| Linux Kernel | =3.0.32 | |
| Linux Kernel | =3.0.33 | |
| Linux Kernel | =3.0.34 | |
| Linux Kernel | =3.0.35 | |
| Linux Kernel | =3.0.36 | |
| Linux Kernel | =3.0.37 | |
| Linux Kernel | =3.0.38 | |
| Linux Kernel | =3.0.39 | |
| Linux Kernel | =3.0.40 | |
| Linux Kernel | =3.0.41 | |
| Linux Kernel | =3.0.42 | |
| Linux Kernel | =3.0.43 | |
| Linux Kernel | =3.0.44 | |
| Linux Kernel | =3.0.45 | |
| Linux Kernel | =3.0.46 | |
| Linux Kernel | =3.0.47 | |
| Linux Kernel | =3.0.48 | |
| Linux Kernel | =3.0.49 | |
| Linux Kernel | =3.0.50 | |
| Linux Kernel | =3.0.51 | |
| Linux Kernel | =3.0.52 | |
| Linux Kernel | =3.0.53 | |
| Linux Kernel | =3.0.54 | |
| Linux Kernel | =3.0.55 | |
| Linux Kernel | =3.0.56 | |
| Linux Kernel | =3.0.57 | |
| Linux Kernel | =3.0.58 | |
| Linux Kernel | =3.0.59 | |
| Linux Kernel | =3.0.60 | |
| Linux Kernel | =3.0.61 | |
| Linux Kernel | =3.0.62 | |
| Linux Kernel | =3.0.63 | |
| Linux Kernel | =3.0.64 | |
| Linux Kernel | =3.0.65 | |
| Linux Kernel | =3.0.66 | |
| Linux Kernel | =3.0.67 | |
| Linux Kernel | =3.0.68 | |
| Linux Kernel | =3.1 | |
| Linux Kernel | =3.1-rc1 | |
| Linux Kernel | =3.1-rc2 | |
| Linux Kernel | =3.1-rc3 | |
| Linux Kernel | =3.1-rc4 | |
| Linux Kernel | =3.1.1 | |
| Linux Kernel | =3.1.2 | |
| Linux Kernel | =3.1.3 | |
| Linux Kernel | =3.1.4 | |
| Linux Kernel | =3.1.5 | |
| Linux Kernel | =3.1.6 | |
| Linux Kernel | =3.1.7 | |
| Linux Kernel | =3.1.8 | |
| Linux Kernel | =3.1.9 | |
| Linux Kernel | =3.1.10 | |
| Linux Kernel | =3.2 | |
| Linux Kernel | =3.2 | |
| Linux Kernel | =3.2-rc2 | |
| Linux Kernel | =3.2-rc3 | |
| Linux Kernel | =3.10 | |
| Linux Kernel | =3.10.0 | |
| Linux Kernel | =3.10.1 | |
| Linux Kernel | =3.10.1 | |
| Linux Kernel | =3.10.2 | |
| Linux Kernel | =3.10.2 | |
| Linux Kernel | =3.10.3 | |
| Linux Kernel | =3.10.3 | |
| Linux Kernel | =3.10.4 | |
| Linux Kernel | =3.10.4 | |
| Linux Kernel | =3.10.5 | |
| Linux Kernel | =3.10.5 | |
| Linux Kernel | =3.10.6 | |
| Linux Kernel | =3.10.6 | |
| Linux Kernel | =3.10.7 | |
| Linux Kernel | =3.10.7 | |
| Linux Kernel | =3.10.8 | |
| Linux Kernel | =3.10.8 | |
| Linux Kernel | =3.10.9 | |
| Linux Kernel | =3.10.9 | |
| Linux Kernel | =3.10.10 | |
| Linux Kernel | =3.10.11 | |
| Linux Kernel | =3.10.12 | |
| Linux Kernel | =3.10.13 | |
| Linux Kernel | =3.10.14 | |
| Linux Kernel | =3.10.15 | |
| Linux Kernel | =3.10.16 | |
| Linux Kernel | =3.10.17 | |
| Linux Kernel | =3.10.18 | |
| Linux Kernel | =3.10.19 | |
| Linux Kernel | =3.10.20 | |
| Linux Kernel | =3.10.21 | |
| Linux Kernel | =3.10.22 | |
| Linux Kernel | =3.10.23 | |
| Linux Kernel | =3.10.24 | |
| Linux Kernel | =3.10.25 | |
| Linux Kernel | =3.10.26 | |
| Linux Kernel | =3.10.27 | |
| Linux Kernel | =3.10.28 | |
| Linux Kernel | =3.10.29 | |
| Linux Kernel | =3.11 | |
| Linux Kernel | =3.11.1 | |
| Linux Kernel | =3.11.2 | |
| Linux Kernel | =3.11.3 | |
| Linux Kernel | =3.11.4 | |
| Linux Kernel | =3.11.5 | |
| Linux Kernel | =3.11.6 | |
| Linux Kernel | =3.11.7 | |
| Linux Kernel | =3.11.8 | |
| Linux Kernel | =3.11.9 | |
| Linux Kernel | =3.11.10 | |
| Linux Kernel | =3.12 | |
| Linux Kernel | =3.12.1 | |
| Linux Kernel | =3.12.2 | |
| Linux Kernel | =3.12.3 | |
| Linux Kernel | =3.12.4 | |
| Linux Kernel | =3.12.5 | |
| Linux Kernel | =3.12.6 | |
| Linux Kernel | =3.12.7 | |
| Linux Kernel | =3.12.8 | |
| Linux Kernel | =3.12.9 | |
| Linux Kernel | =3.12.10 | |
| Linux Kernel | =3.12.11 | |
| Linux Kernel | =3.12.12 | |
| Linux Kernel | =3.12.13 | |
| Linux Kernel | =3.12.14 | |
| Linux Kernel | =3.12.15 | |
| Linux Kernel | =3.12.16 | |
| Linux Kernel | =3.12.17 | |
| Linux Kernel | =3.13 | |
| Linux Kernel | =3.13.1 | |
| Linux Kernel | =3.13.2 | |
| Linux Kernel | =3.13.3 | |
| Linux Kernel | =3.13.4 | |
| Linux Kernel | =3.13.5 | |
| Linux Kernel | =3.13.6 | |
| Linux Kernel | =3.13.7 | |
| Linux Kernel | =3.13.8 | |
| Linux Kernel | =3.13.9 | |
| Linux Kernel | =3.13.10 | |
| Linux Kernel | =3.13.11 | |
| Linux Kernel | =3.14 | |
| Linux Kernel | =3.14-rc1 | |
| Linux Kernel | =3.14-rc2 | |
| Linux Kernel | =3.14-rc3 | |
| Linux Kernel | =3.14-rc4 | |
| Linux Kernel | =3.14-rc5 | |
| Linux Kernel | =3.14-rc6 | |
| Linux Kernel | =3.14-rc7 | |
| Linux Kernel | =3.14-rc8 | |
| Linux Kernel | =3.14.1 | |
| Linux Kernel | =3.14.2 | |
| Linux Kernel | =3.14.3 | |
| Linux Kernel | =3.14.4 | |
| Linux Kernel | =3.14.5 | |
| Linux Kernel | =3.15 | |
| Linux Kernel | =3.15.1 | |
| Linux Kernel | =3.15.2 | |
| Linux Kernel | =3.15.3 | |
| Linux Kernel | =3.15.4 | |
| Linux Kernel | =3.15.5 | |
| Linux Kernel | =3.15.6 | |
| Linux Kernel | =3.15.7 | |
| Linux Kernel | =3.15.8 | |
| Linux Kernel | =3.16.0 | |
| Linux Kernel | =3.16.1 | |
| Linux Kernel | =3.17 | |
| Linux Kernel | =3.17.1 | |
| Linux Kernel | =3.17.2 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.123-1 6.1.128-1 6.12.17-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2014-7842 https://nvd.nist.gov/vuln/detail/CVE-2014-7842
- https://bugzilla.redhat.com/show_bug.cgi?id=1163762
- https://access.redhat.com/errata/RHSA-2016:0855
- https://access.redhat.com/errata/RHSA-2015:2152
- https://access.redhat.com/security/cve/CVE-2014-7842
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a2b9e6c1a35afcc0973acb72e591c714e78885ff
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
- http://rhn.redhat.com/errata/RHSA-2016-0855.html
- http://secunia.com/advisories/62305
- http://secunia.com/advisories/62326
- http://secunia.com/advisories/62336
- http://www.openwall.com/lists/oss-security/2014/11/13/7
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.securityfocus.com/bid/71078
- https://github.com/torvalds/linux/commit/a2b9e6c1a35afcc0973acb72e591c714e78885ff
- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4
- https://launchpad.net/bugs/cve/CVE-2014-7842
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a2b9e6c1a35a
- https://security-tracker.debian.org/tracker/CVE-2014-7842
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842
- https://nvd.nist.gov/vuln/detail/CVE-2014-7842
- https://ubuntu.com/security/CVE-2014-7842
Frequently Asked Questions
What is the severity of CVE-2014-7842?
CVE-2014-7842 has a medium severity level, as it allows for potential denial of service under certain conditions.
How do I fix CVE-2014-7842?
To resolve CVE-2014-7842, upgrade to a patched version of the Linux Kernel that addresses this vulnerability.
Who is affected by CVE-2014-7842?
CVE-2014-7842 affects multiple versions of the Linux Kernel, including kernels from Red Hat and Debian distributions.
What type of systems could exploit CVE-2014-7842?
Local users with access to the MMIO area or I/O ports could exploit CVE-2014-7842 to cause a denial of service.
When was CVE-2014-7842 published?
CVE-2014-7842 was published on December 22, 2014.
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- agent/remedy
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/severity
- agent/weakness
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/tags
- agent/softwarecombine
- collector/security-tracker-debian
- source/Debian
- package-manager/redhat
- vendor/linux
- canonical/linux kernel
- version/linux kernel/3.17.3
- version/linux kernel/3.0-rc1
- version/linux kernel/3.0-rc2
- version/linux kernel/3.0-rc3
- version/linux kernel/3.0-rc4
- version/linux kernel/3.0-rc5
- version/linux kernel/3.0-rc6
- version/linux kernel/3.0-rc7
- version/linux kernel/3.0.1
- version/linux kernel/3.0.2
- version/linux kernel/3.0.3
- version/linux kernel/3.0.4
- version/linux kernel/3.0.5
- version/linux kernel/3.0.6
- version/linux kernel/3.0.7
- version/linux kernel/3.0.8
- version/linux kernel/3.0.9
- version/linux kernel/3.0.10
- version/linux kernel/3.0.11
- version/linux kernel/3.0.12
- version/linux kernel/3.0.13
- version/linux kernel/3.0.14
- version/linux kernel/3.0.15
- version/linux kernel/3.0.16
- version/linux kernel/3.0.17
- version/linux kernel/3.0.18
- version/linux kernel/3.0.19
- version/linux kernel/3.0.20
- version/linux kernel/3.0.21
- version/linux kernel/3.0.22
- version/linux kernel/3.0.23
- version/linux kernel/3.0.24
- version/linux kernel/3.0.25
- version/linux kernel/3.0.26
- version/linux kernel/3.0.27
- version/linux kernel/3.0.28
- version/linux kernel/3.0.29
- version/linux kernel/3.0.30
- version/linux kernel/3.0.31
- version/linux kernel/3.0.32
- version/linux kernel/3.0.33
- version/linux kernel/3.0.34
- version/linux kernel/3.0.35
- version/linux kernel/3.0.36
- version/linux kernel/3.0.37
- version/linux kernel/3.0.38
- version/linux kernel/3.0.39
- version/linux kernel/3.0.40
- version/linux kernel/3.0.41
- version/linux kernel/3.0.42
- version/linux kernel/3.0.43
- version/linux kernel/3.0.44
- version/linux kernel/3.0.45
- version/linux kernel/3.0.46
- version/linux kernel/3.0.47
- version/linux kernel/3.0.48
- version/linux kernel/3.0.49
- version/linux kernel/3.0.50
- version/linux kernel/3.0.51
- version/linux kernel/3.0.52
- version/linux kernel/3.0.53
- version/linux kernel/3.0.54
- version/linux kernel/3.0.55
- version/linux kernel/3.0.56
- version/linux kernel/3.0.57
- version/linux kernel/3.0.58
- version/linux kernel/3.0.59
- version/linux kernel/3.0.60
- version/linux kernel/3.0.61
- version/linux kernel/3.0.62
- version/linux kernel/3.0.63
- version/linux kernel/3.0.64
- version/linux kernel/3.0.65
- version/linux kernel/3.0.66
- version/linux kernel/3.0.67
- version/linux kernel/3.0.68
- version/linux kernel/3.1
- version/linux kernel/3.1-rc1
- version/linux kernel/3.1-rc2
- version/linux kernel/3.1-rc3
- version/linux kernel/3.1-rc4
- version/linux kernel/3.1.1
- version/linux kernel/3.1.2
- version/linux kernel/3.1.3
- version/linux kernel/3.1.4
- version/linux kernel/3.1.5
- version/linux kernel/3.1.6
- version/linux kernel/3.1.7
- version/linux kernel/3.1.8
- version/linux kernel/3.1.9
- version/linux kernel/3.1.10
- version/linux kernel/3.2
- version/linux kernel/3.2-rc2
- version/linux kernel/3.2-rc3
- version/linux kernel/3.10
- version/linux kernel/3.10.0
- version/linux kernel/3.10.1
- version/linux kernel/3.10.2
- version/linux kernel/3.10.3
- version/linux kernel/3.10.4
- version/linux kernel/3.10.5
- version/linux kernel/3.10.6
- version/linux kernel/3.10.7
- version/linux kernel/3.10.8
- version/linux kernel/3.10.9
- version/linux kernel/3.10.10
- version/linux kernel/3.10.11
- version/linux kernel/3.10.12
- version/linux kernel/3.10.13
- version/linux kernel/3.10.14
- version/linux kernel/3.10.15
- version/linux kernel/3.10.16
- version/linux kernel/3.10.17
- version/linux kernel/3.10.18
- version/linux kernel/3.10.19
- version/linux kernel/3.10.20
- version/linux kernel/3.10.21
- version/linux kernel/3.10.22
- version/linux kernel/3.10.23
- version/linux kernel/3.10.24
- version/linux kernel/3.10.25
- version/linux kernel/3.10.26
- version/linux kernel/3.10.27
- version/linux kernel/3.10.28
- version/linux kernel/3.10.29
- version/linux kernel/3.11
- version/linux kernel/3.11.1
- version/linux kernel/3.11.2
- version/linux kernel/3.11.3
- version/linux kernel/3.11.4
- version/linux kernel/3.11.5
- version/linux kernel/3.11.6
- version/linux kernel/3.11.7
- version/linux kernel/3.11.8
- version/linux kernel/3.11.9
- version/linux kernel/3.11.10
- version/linux kernel/3.12
- version/linux kernel/3.12.1
- version/linux kernel/3.12.2
- version/linux kernel/3.12.3
- version/linux kernel/3.12.4
- version/linux kernel/3.12.5
- version/linux kernel/3.12.6
- version/linux kernel/3.12.7
- version/linux kernel/3.12.8
- version/linux kernel/3.12.9
- version/linux kernel/3.12.10
- version/linux kernel/3.12.11
- version/linux kernel/3.12.12
- version/linux kernel/3.12.13
- version/linux kernel/3.12.14
- version/linux kernel/3.12.15
- version/linux kernel/3.12.16
- version/linux kernel/3.12.17
- version/linux kernel/3.13
- version/linux kernel/3.13.1
- version/linux kernel/3.13.2
- version/linux kernel/3.13.3
- version/linux kernel/3.13.4
- version/linux kernel/3.13.5
- version/linux kernel/3.13.6
- version/linux kernel/3.13.7
- version/linux kernel/3.13.8
- version/linux kernel/3.13.9
- version/linux kernel/3.13.10
- version/linux kernel/3.13.11
- version/linux kernel/3.14
- version/linux kernel/3.14-rc1
- version/linux kernel/3.14-rc2
- version/linux kernel/3.14-rc3
- version/linux kernel/3.14-rc4
- version/linux kernel/3.14-rc5
- version/linux kernel/3.14-rc6
- version/linux kernel/3.14-rc7
- version/linux kernel/3.14-rc8
- version/linux kernel/3.14.1
- version/linux kernel/3.14.2
- version/linux kernel/3.14.3
- version/linux kernel/3.14.4
- version/linux kernel/3.14.5
- version/linux kernel/3.15
- version/linux kernel/3.15.1
- version/linux kernel/3.15.2
- version/linux kernel/3.15.3
- version/linux kernel/3.15.4
- version/linux kernel/3.15.5
- version/linux kernel/3.15.6
- version/linux kernel/3.15.7
- version/linux kernel/3.15.8
- version/linux kernel/3.16.0
- version/linux kernel/3.16.1
- version/linux kernel/3.17
- version/linux kernel/3.17.1
- version/linux kernel/3.17.2
- package-manager/debian