Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2014-1438

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-18 Jan, 2014 | 22:00
Updated At-06 Aug, 2024 | 09:42
Rejected At-
Credits

The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:18 Jan, 2014 | 22:00
Updated At:06 Aug, 2024 | 09:42
Rejected At:
▼CVE Numbering Authority (CNA)

The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.ubuntu.com/usn/USN-2135-1
vendor-advisory
x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2138-1
vendor-advisory
x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2113-1
vendor-advisory
x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2141-1
vendor-advisory
x_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=1052914
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2014/01/14/1
mailing-list
x_refsource_MLIST
http://www.ubuntu.com/usn/USN-2136-1
vendor-advisory
x_refsource_UBUNTU
http://www.securityfocus.com/bid/64781
vdb-entry
x_refsource_BID
http://www.ubuntu.com/usn/USN-2139-1
vendor-advisory
x_refsource_UBUNTU
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126874.html
vendor-advisory
x_refsource_FEDORA
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26bef1318adc1b3a530ecc807ef99346db2aa8b0
x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2134-1
vendor-advisory
x_refsource_UBUNTU
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8
x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2014:038
vendor-advisory
x_refsource_MANDRIVA
http://www.ubuntu.com/usn/USN-2117-1
vendor-advisory
x_refsource_UBUNTU
https://github.com/torvalds/linux/commit/26bef1318adc1b3a530ecc807ef99346db2aa8b0
x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2133-1
vendor-advisory
x_refsource_UBUNTU
http://www.securitytracker.com/id/1029592
vdb-entry
x_refsource_SECTRACK
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126858.html
vendor-advisory
x_refsource_FEDORA
https://lkml.org/lkml/2014/1/9/637
mailing-list
x_refsource_MLIST
http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/
x_refsource_MISC
Hyperlink: http://www.ubuntu.com/usn/USN-2135-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.ubuntu.com/usn/USN-2138-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.ubuntu.com/usn/USN-2113-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.ubuntu.com/usn/USN-2141-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1052914
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.openwall.com/lists/oss-security/2014/01/14/1
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.ubuntu.com/usn/USN-2136-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.securityfocus.com/bid/64781
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.ubuntu.com/usn/USN-2139-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126874.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26bef1318adc1b3a530ecc807ef99346db2aa8b0
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.ubuntu.com/usn/USN-2134-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2014:038
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.ubuntu.com/usn/USN-2117-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://github.com/torvalds/linux/commit/26bef1318adc1b3a530ecc807ef99346db2aa8b0
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.ubuntu.com/usn/USN-2133-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.securitytracker.com/id/1029592
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126858.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: https://lkml.org/lkml/2014/1/9/637
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.ubuntu.com/usn/USN-2135-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.ubuntu.com/usn/USN-2138-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.ubuntu.com/usn/USN-2113-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.ubuntu.com/usn/USN-2141-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1052914
x_refsource_CONFIRM
x_transferred
http://www.openwall.com/lists/oss-security/2014/01/14/1
mailing-list
x_refsource_MLIST
x_transferred
http://www.ubuntu.com/usn/USN-2136-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.securityfocus.com/bid/64781
vdb-entry
x_refsource_BID
x_transferred
http://www.ubuntu.com/usn/USN-2139-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126874.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26bef1318adc1b3a530ecc807ef99346db2aa8b0
x_refsource_CONFIRM
x_transferred
http://www.ubuntu.com/usn/USN-2134-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8
x_refsource_CONFIRM
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2014:038
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.ubuntu.com/usn/USN-2117-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://github.com/torvalds/linux/commit/26bef1318adc1b3a530ecc807ef99346db2aa8b0
x_refsource_CONFIRM
x_transferred
http://www.ubuntu.com/usn/USN-2133-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.securitytracker.com/id/1029592
vdb-entry
x_refsource_SECTRACK
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126858.html
vendor-advisory
x_refsource_FEDORA
x_transferred
https://lkml.org/lkml/2014/1/9/637
mailing-list
x_refsource_MLIST
x_transferred
http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/
x_refsource_MISC
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2135-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2138-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2113-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2141-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1052914
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2014/01/14/1
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2136-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.securityfocus.com/bid/64781
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2139-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126874.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26bef1318adc1b3a530ecc807ef99346db2aa8b0
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2134-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2014:038
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2117-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://github.com/torvalds/linux/commit/26bef1318adc1b3a530ecc807ef99346db2aa8b0
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2133-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.securitytracker.com/id/1029592
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126858.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: https://lkml.org/lkml/2014/1/9/637
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:18 Jan, 2014 | 22:55
Updated At:11 Apr, 2025 | 00:51

The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.7MEDIUM
AV:L/AC:M/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 4.7
Base severity: MEDIUM
Vector:
AV:L/AC:M/Au:N/C:N/I:N/A:C
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions up to 3.12.7(inclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>3.12
cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>3.12.1
cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>3.12.2
cpe:2.3:o:linux:linux_kernel:3.12.2:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>3.12.3
cpe:2.3:o:linux:linux_kernel:3.12.3:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>3.12.4
cpe:2.3:o:linux:linux_kernel:3.12.4:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>3.12.5
cpe:2.3:o:linux:linux_kernel:3.12.5:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>3.12.6
cpe:2.3:o:linux:linux_kernel:3.12.6:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-264Primarynvd@nist.gov
CWE ID: CWE-264
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26bef1318adc1b3a530ecc807ef99346db2aa8b0cve@mitre.org
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126858.htmlcve@mitre.org
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126874.htmlcve@mitre.org
N/A
http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/cve@mitre.org
N/A
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2014:038cve@mitre.org
N/A
http://www.openwall.com/lists/oss-security/2014/01/14/1cve@mitre.org
N/A
http://www.securityfocus.com/bid/64781cve@mitre.org
N/A
http://www.securitytracker.com/id/1029592cve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-2113-1cve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-2117-1cve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-2133-1cve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-2134-1cve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-2135-1cve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-2136-1cve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-2138-1cve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-2139-1cve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-2141-1cve@mitre.org
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=1052914cve@mitre.org
N/A
https://github.com/torvalds/linux/commit/26bef1318adc1b3a530ecc807ef99346db2aa8b0cve@mitre.org
N/A
https://lkml.org/lkml/2014/1/9/637cve@mitre.org
N/A
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26bef1318adc1b3a530ecc807ef99346db2aa8b0af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126858.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126874.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2014:038af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2014/01/14/1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/64781af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1029592af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2113-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2117-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2133-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2134-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2135-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2136-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2138-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2139-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2141-1af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=1052914af854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/torvalds/linux/commit/26bef1318adc1b3a530ecc807ef99346db2aa8b0af854a3a-2127-422b-91ae-364da2661108
N/A
https://lkml.org/lkml/2014/1/9/637af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26bef1318adc1b3a530ecc807ef99346db2aa8b0
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126858.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126874.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2014:038
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2014/01/14/1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/64781
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1029592
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2113-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2117-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2133-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2134-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2135-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2136-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2138-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2139-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2141-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1052914
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/torvalds/linux/commit/26bef1318adc1b3a530ecc807ef99346db2aa8b0
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://lkml.org/lkml/2014/1/9/637
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26bef1318adc1b3a530ecc807ef99346db2aa8b0
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126858.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126874.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2014:038
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2014/01/14/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/64781
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1029592
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2113-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2117-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2133-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2134-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2135-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2136-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2138-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2139-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2141-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1052914
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://github.com/torvalds/linux/commit/26bef1318adc1b3a530ecc807ef99346db2aa8b0
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lkml.org/lkml/2014/1/9/637
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

114Records found
CVE-2009-4895
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.06% / 20.12%
||
7 Day CHG~0.00%
Published-08 Sep, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown vectors, related to the put_tty_queue and __f_setown functions. NOTE: the vulnerability was addressed in a different way in 2.6.32.9.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncDebian GNU/Linux
Product-linux_kerneldebian_linuxubuntu_linuxn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2009-4138
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.08% / 24.43%
||
7 Day CHG~0.00%
Published-16 Dec, 2009 | 19:00
Updated-07 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-399
Not Available
CVE-2009-1046
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.26% / 48.75%
||
7 Day CHG~0.00%
Published-23 Mar, 2009 | 16:00
Updated-07 Aug, 2024 | 04:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which triggers an "off-by-two memory error." NOTE: it is not clear whether this issue crosses privilege boundaries.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-399
Not Available
CVE-2009-0859
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.06% / 19.22%
||
7 Day CHG~0.00%
Published-09 Mar, 2009 | 21:00
Updated-07 Aug, 2024 | 04:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2009-0935
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 20.96%
||
7 Day CHG~0.00%
Published-18 Mar, 2009 | 01:00
Updated-07 Aug, 2024 | 04:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-667
Improper Locking
CVE-2008-3831
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.09% / 26.61%
||
7 Day CHG~0.00%
Published-20 Oct, 2008 | 17:00
Updated-07 Aug, 2024 | 09:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.

Action-Not Available
Vendor-n/aDebian GNU/LinuxOpenBSDLinux Kernel Organization, Inc
Product-linux_kernellinuxn/a
CWE ID-CWE-399
Not Available
CVE-2019-15921
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.07% / 22.57%
||
7 Day CHG~0.00%
Published-04 Sep, 2019 | 18:08
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.

Action-Not Available
Vendor-n/aopenSUSELinux Kernel Organization, Inc
Product-linux_kernelleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2008-2365
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.7||MEDIUM
EPSS-1.36% / 79.37%
||
7 Day CHG~0.00%
Published-30 Jun, 2008 | 21:00
Updated-07 Aug, 2024 | 08:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a long series of PTRACE_ATTACH ptrace calls to another user's process that trigger a conflict between utrace_detach and report_quiescent, related to "late ptrace_may_attach() check" and "race around &dead_engine_ops setting," a different vulnerability than CVE-2007-0771 and CVE-2008-1514. NOTE: this issue might only affect kernel versions before 2.6.16.x.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_desktopenterprise_linuxlinux_kerneln/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2007-4133
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.04% / 12.78%
||
7 Day CHG~0.00%
Published-04 Oct, 2007 | 23:00
Updated-07 Aug, 2024 | 14:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE units, which allows local users to cause a denial of service (panic) via unspecified vectors.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2021-45480
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 11.13%
||
7 Day CHG~0.00%
Published-24 Dec, 2021 | 22:55
Updated-04 Aug, 2024 | 04:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2007-2172
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.07% / 21.36%
||
7 Day CHG~0.00%
Published-22 Apr, 2007 | 19:00
Updated-07 Aug, 2024 | 13:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-29264
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 21.02%
||
7 Day CHG~0.00%
Published-26 Mar, 2021 | 21:35
Updated-03 Aug, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled, aka CID-d8861bab48b6.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CVE-2013-2890
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-4.7||MEDIUM
EPSS-0.07% / 21.38%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

drivers/hid/hid-sony.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SONY is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-2889
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-4.7||MEDIUM
EPSS-0.07% / 21.22%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found