CVE - CVE-2014-4699

CVE-ID
CVE-2014-4699	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a CONFIRM:http://linux.oracle.com/errata/ELSA-2014-0924.html CONFIRM:http://linux.oracle.com/errata/ELSA-2014-3047.html CONFIRM:http://linux.oracle.com/errata/ELSA-2014-3048.html CONFIRM:http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.4 CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1115927 CONFIRM:https://github.com/torvalds/linux/commit/b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.47 CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.11 CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.97 DEBIAN:DSA-2972 URL:http://www.debian.org/security/2014/dsa-2972 EXPLOIT-DB:34134 URL:http://www.exploit-db.com/exploits/34134 MISC:http://packetstormsecurity.com/files/127573/Linux-Kernel-ptrace-sysret-Local-Privilege-Escalation.html MLIST:[oss-security] 20140704 CVE-2014-4699: Linux ptrace bug URL:http://www.openwall.com/lists/oss-security/2014/07/04/4 MLIST:[oss-security] 20140705 Re: CVE-2014-4699: Linux ptrace bug URL:http://openwall.com/lists/oss-security/2014/07/05/4 MLIST:[oss-security] 20140708 Re: CVE-2014-4699: Linux ptrace bug URL:http://openwall.com/lists/oss-security/2014/07/08/16 MLIST:[oss-security] 20140708 Re: CVE-2014-4699: Linux ptrace bug URL:http://openwall.com/lists/oss-security/2014/07/08/5 OSVDB:108754 URL:~~http://www.osvdb.org/108754~~ (Obsolete source) SECUNIA:59633 URL:http://secunia.com/advisories/59633 SECUNIA:59639 URL:http://secunia.com/advisories/59639 SECUNIA:59654 URL:http://secunia.com/advisories/59654 SECUNIA:60220 URL:http://secunia.com/advisories/60220 SECUNIA:60380 URL:http://secunia.com/advisories/60380 SECUNIA:60393 URL:http://secunia.com/advisories/60393 UBUNTU:USN-2266-1 URL:http://www.ubuntu.com/usn/USN-2266-1 UBUNTU:USN-2267-1 URL:http://www.ubuntu.com/usn/USN-2267-1 UBUNTU:USN-2268-1 URL:http://www.ubuntu.com/usn/USN-2268-1 UBUNTU:USN-2269-1 URL:http://www.ubuntu.com/usn/USN-2269-1 UBUNTU:USN-2270-1 URL:http://www.ubuntu.com/usn/USN-2270-1 UBUNTU:USN-2271-1 URL:http://www.ubuntu.com/usn/USN-2271-1 UBUNTU:USN-2272-1 URL:http://www.ubuntu.com/usn/USN-2272-1 UBUNTU:USN-2273-1 URL:http://www.ubuntu.com/usn/USN-2273-1 UBUNTU:USN-2274-1 URL:http://www.ubuntu.com/usn/USN-2274-1
Assigning CNA
MITRE Corporation
Date Record Created
20140630	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20140630)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)