kernel: crypto api unprivileged arbitrary module load via request_module()

🗓️ 26 Jan 2016 13:59:44Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 1 Views

Flaw in Linux kernel Crypto subsystem lets unprivileged users load any module via request_module(), increasing attack surface.

Reporter	Title	Published	Views	Family All 148
IBM Security Bulletins	Security Bulletin: Multiple Kernel vulnerabilities affect PowerKVM (Multiple CVEs)	18 Jun 201801:28	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM	18 Jun 201801:33	–	ibm
BDU FSTEC	Vulnerabilities of the Ubuntu operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	6 Jul 201600:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities of the Ubuntu operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	6 Jul 201600:00	–	bdu_fstec
Tenable Nessus	CentOS 7 : kernel (CESA-2015:2152)	2 Dec 201500:00	–	nessus
Tenable Nessus	Debian DSA-3170-1 : linux - security update	24 Feb 201500:00	–	nessus
Tenable Nessus	EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1485)	13 May 201900:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1532)	14 May 201900:00	–	nessus
Tenable Nessus	Mandriva Linux Security Advisory : kernel (MDVSA-2015:057)	19 Mar 201500:00	–	nessus
Tenable Nessus	Mandriva Linux Security Advisory : kernel (MDVSA-2015:058)	19 Mar 201500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	6	x86_64	kernel-rt	1:3.10.0-327.rt56.170.el6rt	kernel-rt-1:3.10.0-327.rt56.170.el6rt.x86_64.rpm
Red Hat Enterprise Linux	6	x86_64	kernel-rt-debug	1:3.10.0-327.rt56.170.el6rt	kernel-rt-debug-1:3.10.0-327.rt56.170.el6rt.x86_64.rpm
Red Hat Enterprise Linux	6	x86_64	kernel-rt-debug-debuginfo	1:3.10.0-327.rt56.170.el6rt	kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.170.el6rt.x86_64.rpm
Red Hat Enterprise Linux	6	x86_64	kernel-rt-debug-devel	1:3.10.0-327.rt56.170.el6rt	kernel-rt-debug-devel-1:3.10.0-327.rt56.170.el6rt.x86_64.rpm
Red Hat Enterprise Linux	6	x86_64	kernel-rt-debuginfo	1:3.10.0-327.rt56.170.el6rt	kernel-rt-debuginfo-1:3.10.0-327.rt56.170.el6rt.x86_64.rpm
Red Hat Enterprise Linux	6	x86_64	kernel-rt-debuginfo-common-x86_64	1:3.10.0-327.rt56.170.el6rt	kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.170.el6rt.x86_64.rpm
Red Hat Enterprise Linux	6	x86_64	kernel-rt-devel	1:3.10.0-327.rt56.170.el6rt	kernel-rt-devel-1:3.10.0-327.rt56.170.el6rt.x86_64.rpm
Red Hat Enterprise Linux	6	any	kernel-rt-doc	1:3.10.0-327.rt56.170.el6rt	kernel-rt-doc-1:3.10.0-327.rt56.170.el6rt.noarch.rpm
Red Hat Enterprise Linux	6	any	kernel-rt-firmware	1:3.10.0-327.rt56.170.el6rt	kernel-rt-firmware-1:3.10.0-327.rt56.170.el6rt.noarch.rpm
Red Hat Enterprise Linux	6	x86_64	kernel-rt-trace	1:3.10.0-327.rt56.170.el6rt	kernel-rt-trace-1:3.10.0-327.rt56.170.el6rt.x86_64.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2014-9644
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2014-9644
cve	www.cve.org/CVERecord

21 Nov 2025 17:54Current

6.6Medium risk

Vulners AI Score6.6

CVSS 22.1

EPSS0.00547

linux kernel crypto subsystem unprivileged user request_module module loading attack surface