CVE-2014-4699

by Fred · 09/07/2014

The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.

Date published : 2014-07-09

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a

http://linux.oracle.com/errata/ELSA-2014-0924.html

CVE-2014-4699

Similar

Recent Posts

Categories

CVE-2014-4699

Share this:

Similar

Recent Posts

Categories

Tags