CVE-2014-9322
CVE-2014-9322
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.
Affected products
n/a · n/apublic PoCs found — 4
githubgithub.com/RKX1209/CVE-2014-9322★ 8cve_referencewww.exploit-db.com/exploits/36266unverifiedexploitdbwww.exploit-db.com/exploits/44205unverifiedexploitdbwww.exploit-db.com/exploits/36266unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f442be2fb22be02cafa606f1769fa1e6f894441http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.htmlhttp://marc.info/?l=bugtraq&m=142722450701342&w=2http://marc.info/?l=bugtraq&m=142722544401658&w=2http://osvdb.org/show/osvdb/115919http://rhn.redhat.com/errata/RHSA-2014-1998.htmlhttp://rhn.redhat.com/errata/RHSA-2014-2008.htmlhttp://rhn.redhat.com/errata/RHSA-2014-2028.htmlhttp://rhn.redhat.com/errata/RHSA-2014-2031.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0009.html