← Back

CVE-2014-9322

nvd nist
Published: Dec 17, 2014Modified: May 6, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

Affected (13)

Show all products
Linux: Linux Kernel · Redhat: Enterprise Linux Eus · Canonical: Ubuntu Linux · Opensuse: Evergreen · Suse: Suse Linux Enterprise Server · Google: Android
Linux
1 product
Linux Kernel
Redhat
1 product
Enterprise Linux Eus
Canonical
1 product
Ubuntu Linux
Opensuse
1 product
Evergreen
Suse
1 product
Suse Linux Enterprise Server
Google
1 product
Android
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
Before 3.2.65
Linux Kernel
From 3.11 to 3.12.35
Linux Kernel
From 3.13 to 3.14.26
Linux Kernel
From 3.15 to 3.16.35
Linux Kernel
From 3.17 to 3.17.5
Linux Kernel
From 3.3 to 3.4.106
Linux Kernel
From 3.5 to 3.10.62
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux Eus
Version 5.6
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Ubuntu Linux
Version 10.04
Configuration D
2 vulnerable
Vulnerable SoftwareAffected Versions
Evergreen
Version 11.4
Suse Linux Enterprise Server
Version 10 sp4
Configuration E
2 vulnerable
Vulnerable SoftwareAffected Versions
Google
Android
Version 6.0.1
Android
Version 6.0

Related CWEs

CWE-269
Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (44)

Source: cve@mitre.org
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
ExploitThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Mailing ListPatchThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Issue TrackingPatchThird Party Advisory
Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
Permissions RequiredThird Party Advisory
Source: cve@mitre.org
Mailing ListPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchVendor Advisory

Timeline

No history available yet.