CVE-2014-8133

Sažetak

arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value.

Reference

http://www.openwall.com/lists/oss-security/2014/12/15/6
https://bugzilla.redhat.com/show_bug.cgi?id=1172797
https://github.com/torvalds/linux/commit/41bdc78544b8a93a9c6814b8bbbfef966272abbe
http://www.securityfocus.com/bid/71684
http://secunia.com/advisories/62801
http://www.ubuntu.com/usn/USN-2516-1
http://www.ubuntu.com/usn/USN-2517-1
http://www.ubuntu.com/usn/USN-2492-1
http://www.ubuntu.com/usn/USN-2518-1
http://www.ubuntu.com/usn/USN-2515-1
http://www.ubuntu.com/usn/USN-2493-1
http://www.ubuntu.com/usn/USN-2490-1
http://www.ubuntu.com/usn/USN-2491-1
http://www.debian.org/security/2015/dsa-3128
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
http://rhn.redhat.com/errata/RHSA-2015-1272.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=41bdc78544b8a93a9c6814b8bbbfef966272abbe

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

13-02-2023 - 00:43

Objavljeno

17-12-2014 - 11:59