Lucene search
HistoryNov 30, 2014 - 1:59 a.m.
CVE-2014-9090
cve-2014-9090
linux kernel
denial of service
ss segment register
nvd
security vulnerability
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite.
Affected configurations
Node
linuxlinux_kernelRange≤3.17.3
ORlinuxlinux_kernelMatch3.0rc1
ORlinuxlinux_kernelMatch3.0rc2
ORlinuxlinux_kernelMatch3.0rc3
ORlinuxlinux_kernelMatch3.0rc4
ORlinuxlinux_kernelMatch3.0rc5
ORlinuxlinux_kernelMatch3.0rc6
ORlinuxlinux_kernelMatch3.0rc7
ORlinuxlinux_kernelMatch3.0.1
ORlinuxlinux_kernelMatch3.0.2
ORlinuxlinux_kernelMatch3.0.3
ORlinuxlinux_kernelMatch3.0.4
ORlinuxlinux_kernelMatch3.0.5
ORlinuxlinux_kernelMatch3.0.6
ORlinuxlinux_kernelMatch3.0.7
ORlinuxlinux_kernelMatch3.0.8
ORlinuxlinux_kernelMatch3.0.9
ORlinuxlinux_kernelMatch3.0.10
ORlinuxlinux_kernelMatch3.0.11
ORlinuxlinux_kernelMatch3.0.12
ORlinuxlinux_kernelMatch3.0.13
ORlinuxlinux_kernelMatch3.0.14
ORlinuxlinux_kernelMatch3.0.15
ORlinuxlinux_kernelMatch3.0.16
ORlinuxlinux_kernelMatch3.0.17
ORlinuxlinux_kernelMatch3.0.18
ORlinuxlinux_kernelMatch3.0.19
ORlinuxlinux_kernelMatch3.0.20
ORlinuxlinux_kernelMatch3.0.21
ORlinuxlinux_kernelMatch3.0.22
ORlinuxlinux_kernelMatch3.0.23
ORlinuxlinux_kernelMatch3.0.24
ORlinuxlinux_kernelMatch3.0.25
ORlinuxlinux_kernelMatch3.0.26
ORlinuxlinux_kernelMatch3.0.27
ORlinuxlinux_kernelMatch3.0.28
ORlinuxlinux_kernelMatch3.0.29
ORlinuxlinux_kernelMatch3.0.30
ORlinuxlinux_kernelMatch3.0.31
ORlinuxlinux_kernelMatch3.0.32
ORlinuxlinux_kernelMatch3.0.33
ORlinuxlinux_kernelMatch3.0.34
ORlinuxlinux_kernelMatch3.0.35
ORlinuxlinux_kernelMatch3.0.36
ORlinuxlinux_kernelMatch3.0.37
ORlinuxlinux_kernelMatch3.0.38
ORlinuxlinux_kernelMatch3.0.39
ORlinuxlinux_kernelMatch3.0.40
ORlinuxlinux_kernelMatch3.0.41
ORlinuxlinux_kernelMatch3.0.42
ORlinuxlinux_kernelMatch3.0.43
ORlinuxlinux_kernelMatch3.0.44
ORlinuxlinux_kernelMatch3.0.45
ORlinuxlinux_kernelMatch3.0.46
ORlinuxlinux_kernelMatch3.0.47
ORlinuxlinux_kernelMatch3.0.48
ORlinuxlinux_kernelMatch3.0.49
ORlinuxlinux_kernelMatch3.0.50
ORlinuxlinux_kernelMatch3.0.51
ORlinuxlinux_kernelMatch3.0.52
ORlinuxlinux_kernelMatch3.0.53
ORlinuxlinux_kernelMatch3.0.54
ORlinuxlinux_kernelMatch3.0.55
ORlinuxlinux_kernelMatch3.0.56
ORlinuxlinux_kernelMatch3.0.57
ORlinuxlinux_kernelMatch3.0.58
ORlinuxlinux_kernelMatch3.0.59
ORlinuxlinux_kernelMatch3.0.60
ORlinuxlinux_kernelMatch3.0.61
ORlinuxlinux_kernelMatch3.0.62
ORlinuxlinux_kernelMatch3.0.63
ORlinuxlinux_kernelMatch3.0.64
ORlinuxlinux_kernelMatch3.0.65
ORlinuxlinux_kernelMatch3.0.66
ORlinuxlinux_kernelMatch3.0.67
ORlinuxlinux_kernelMatch3.0.68
ORlinuxlinux_kernelMatch3.1
ORlinuxlinux_kernelMatch3.1rc1
ORlinuxlinux_kernelMatch3.1rc2
ORlinuxlinux_kernelMatch3.1rc3
ORlinuxlinux_kernelMatch3.1rc4
ORlinuxlinux_kernelMatch3.1.1
ORlinuxlinux_kernelMatch3.1.2
ORlinuxlinux_kernelMatch3.1.3
ORlinuxlinux_kernelMatch3.1.4
ORlinuxlinux_kernelMatch3.1.5
ORlinuxlinux_kernelMatch3.1.6
ORlinuxlinux_kernelMatch3.1.7
ORlinuxlinux_kernelMatch3.1.8
ORlinuxlinux_kernelMatch3.1.9
ORlinuxlinux_kernelMatch3.1.10
ORlinuxlinux_kernelMatch3.2
ORlinuxlinux_kernelMatch3.2x86
ORlinuxlinux_kernelMatch3.2rc2
ORlinuxlinux_kernelMatch3.2rc3
ORlinuxlinux_kernelMatch3.10
ORlinuxlinux_kernelMatch3.10.0arm64
ORlinuxlinux_kernelMatch3.10.1
ORlinuxlinux_kernelMatch3.10.1arm64
ORlinuxlinux_kernelMatch3.10.2
ORlinuxlinux_kernelMatch3.10.2arm64
ORlinuxlinux_kernelMatch3.10.3
ORlinuxlinux_kernelMatch3.10.3arm64
ORlinuxlinux_kernelMatch3.10.4
ORlinuxlinux_kernelMatch3.10.4arm64
ORlinuxlinux_kernelMatch3.10.5
ORlinuxlinux_kernelMatch3.10.5arm64
ORlinuxlinux_kernelMatch3.10.6
ORlinuxlinux_kernelMatch3.10.6arm64
ORlinuxlinux_kernelMatch3.10.7
ORlinuxlinux_kernelMatch3.10.7arm64
ORlinuxlinux_kernelMatch3.10.8
ORlinuxlinux_kernelMatch3.10.8arm64
ORlinuxlinux_kernelMatch3.10.9
ORlinuxlinux_kernelMatch3.10.9arm64
ORlinuxlinux_kernelMatch3.10.10
ORlinuxlinux_kernelMatch3.10.11
ORlinuxlinux_kernelMatch3.10.12
ORlinuxlinux_kernelMatch3.10.13
ORlinuxlinux_kernelMatch3.10.14
ORlinuxlinux_kernelMatch3.10.15
ORlinuxlinux_kernelMatch3.10.16
ORlinuxlinux_kernelMatch3.10.17
ORlinuxlinux_kernelMatch3.10.18
ORlinuxlinux_kernelMatch3.10.19
ORlinuxlinux_kernelMatch3.10.20
ORlinuxlinux_kernelMatch3.10.21
ORlinuxlinux_kernelMatch3.10.22
ORlinuxlinux_kernelMatch3.10.23
ORlinuxlinux_kernelMatch3.10.24
ORlinuxlinux_kernelMatch3.10.25
ORlinuxlinux_kernelMatch3.10.26
ORlinuxlinux_kernelMatch3.10.27
ORlinuxlinux_kernelMatch3.10.28
ORlinuxlinux_kernelMatch3.10.29
ORlinuxlinux_kernelMatch3.11
ORlinuxlinux_kernelMatch3.11.1
ORlinuxlinux_kernelMatch3.11.2
ORlinuxlinux_kernelMatch3.11.3
ORlinuxlinux_kernelMatch3.11.4
ORlinuxlinux_kernelMatch3.11.5
ORlinuxlinux_kernelMatch3.11.6
ORlinuxlinux_kernelMatch3.11.7
ORlinuxlinux_kernelMatch3.11.8
ORlinuxlinux_kernelMatch3.11.9
ORlinuxlinux_kernelMatch3.11.10
ORlinuxlinux_kernelMatch3.12
ORlinuxlinux_kernelMatch3.12.1
ORlinuxlinux_kernelMatch3.12.2
ORlinuxlinux_kernelMatch3.12.3
ORlinuxlinux_kernelMatch3.12.4
ORlinuxlinux_kernelMatch3.12.5
ORlinuxlinux_kernelMatch3.12.6
ORlinuxlinux_kernelMatch3.12.7
ORlinuxlinux_kernelMatch3.12.8
ORlinuxlinux_kernelMatch3.12.9
ORlinuxlinux_kernelMatch3.12.10
ORlinuxlinux_kernelMatch3.12.11
ORlinuxlinux_kernelMatch3.12.12
ORlinuxlinux_kernelMatch3.12.13
ORlinuxlinux_kernelMatch3.12.14
ORlinuxlinux_kernelMatch3.12.15
ORlinuxlinux_kernelMatch3.12.16
ORlinuxlinux_kernelMatch3.12.17
ORlinuxlinux_kernelMatch3.13
ORlinuxlinux_kernelMatch3.13.1
ORlinuxlinux_kernelMatch3.13.2
ORlinuxlinux_kernelMatch3.13.3
ORlinuxlinux_kernelMatch3.13.4
ORlinuxlinux_kernelMatch3.13.5
ORlinuxlinux_kernelMatch3.13.6
ORlinuxlinux_kernelMatch3.13.7
ORlinuxlinux_kernelMatch3.13.8
ORlinuxlinux_kernelMatch3.13.9
ORlinuxlinux_kernelMatch3.13.10
ORlinuxlinux_kernelMatch3.13.11
ORlinuxlinux_kernelMatch3.14-
ORlinuxlinux_kernelMatch3.14rc1
ORlinuxlinux_kernelMatch3.14rc2
ORlinuxlinux_kernelMatch3.14rc3
ORlinuxlinux_kernelMatch3.14rc4
ORlinuxlinux_kernelMatch3.14rc5
ORlinuxlinux_kernelMatch3.14rc6
ORlinuxlinux_kernelMatch3.14rc7
ORlinuxlinux_kernelMatch3.14rc8
ORlinuxlinux_kernelMatch3.14.1
ORlinuxlinux_kernelMatch3.14.2
ORlinuxlinux_kernelMatch3.14.3
ORlinuxlinux_kernelMatch3.14.4
ORlinuxlinux_kernelMatch3.14.5
ORlinuxlinux_kernelMatch3.15
ORlinuxlinux_kernelMatch3.15.1
ORlinuxlinux_kernelMatch3.15.2
ORlinuxlinux_kernelMatch3.15.3
ORlinuxlinux_kernelMatch3.15.4
ORlinuxlinux_kernelMatch3.15.5
ORlinuxlinux_kernelMatch3.15.6
ORlinuxlinux_kernelMatch3.15.7
ORlinuxlinux_kernelMatch3.15.8
ORlinuxlinux_kernelMatch3.16.0
ORlinuxlinux_kernelMatch3.16.1
ORlinuxlinux_kernelMatch3.17
ORlinuxlinux_kernelMatch3.17.1
ORlinuxlinux_kernelMatch3.17.2
References
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f442be2fb22be02cafa606f1769fa1e6f894441
lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
secunia.com/advisories/62336
www.debian.org/security/2014/dsa-3093
www.openwall.com/lists/oss-security/2014/11/26/5
github.com/torvalds/linux/commit/6f442be2fb22be02cafa606f1769fa1e6f894441
Related
prion
prion
Default credentials
2014-11-30 01:59:00
fedora
fedora
[SECURITY] Fedora 21 Update: kernel-3.17.4-302.fc21
2014-12-12 04:06:43
[SECURITY] Fedora 21 Update: kernel-3.17.7-300.fc21
2014-12-22 02:32:48
[SECURITY] Fedora 21 Update: kernel-3.18.3-201.fc21
2015-01-26 02:31:22
ubuntucve
ubuntucve
CVE-2014-9090
2014-11-29 00:00:00
nessus
nessus
Fedora 20 : kernel-3.17.6-200.fc20 (2014-16632)
2014-12-15 00:00:00
Fedora 21 : kernel-3.17.4-302.fc21 (2014-16448)
2014-12-15 00:00:00
SUSE SLES11 Security Update : kernel (SUSE-SU-2014:1698-1)
2015-05-20 00:00:00
nvd
nvd
CVE-2014-9090
2014-11-30 01:59:08
debiancve
debiancve
CVE-2014-9090
2014-11-30 01:59:08
openvas
openvas
Fedora Update for kernel FEDORA-2014-16448
2015-01-05 00:00:00
SUSE: Security Advisory for Linux (SUSE-SU-2014:1698-1)
2015-10-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:1698-1)
2021-06-09 00:00:00
cvelist
cvelist
CVE-2014-9090
2014-11-30 01:00:00
suse
suse
kernel update for Evergreen 11.4 (important)
2014-12-31 11:06:28
Security update for Linux kernel (important)
2014-12-24 08:05:54
Security update for Linux Kernel (important)
2014-12-21 13:12:48
debian
debian
[SECURITY] [DSA 3093-1] linux security update
2014-12-08 21:09:15
[SECURITY] [DSA 3093-1] linux security update
2014-12-08 21:09:15
[SECURITY] [DLA 103-1] linux-2.6 security update
2014-12-09 01:05:55
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2014-12-19 00:00:00
Unbreakable Enterprise kernel security update
2014-12-19 00:00:00
Unbreakable Enterprise kernel security update
2014-12-19 00:00:00
amazon
amazon
Medium: kernel
2014-12-03 22:27:00
securityvulns
securityvulns
[SECURITY] [DSA 3093-1] linux security update
2014-12-11 00:00:00
Linux kernel multiple security vulnerabilities
2014-12-21 00:00:00
[USN-2441-1] Linux kernel vulnerabilities
2014-12-21 00:00:00
osv
osv
linux - security update
2014-12-08 00:00:00
linux-2.6 - security update
2014-12-09 00:00:00
ubuntu
ubuntu
Linux kernel (OMAP4) vulnerabilities
2015-01-13 00:00:00
Linux kernel vulnerabilities
2014-12-12 00:00:00
Linux kernel vulnerabilities
2014-12-12 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2015-01-07 18:14:58
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2014-9090