CVE-2014-4508

Severity

47%

Complexity

34%

Confidentiality

115%

arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000.

arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000.

CVSS 2.0 Base Score 4.7. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:N/A:C).

Overview

Type

Linux

First reported 10 years ago

2014-06-23 11:21:00

Last updated 6 years ago

2018-12-18 14:39:00

Affected Software

Linux Kernel

Canonical Ubuntu Linux 12.04 LTS

12.04

References

[linux-kernel] 20140616 Re: 3.15: kernel BUG at kernel/auditsc.c:1525!

Third Party Advisory

SUSE-SU-2014:1316

Mailing List, Third Party Advisory

SUSE-SU-2014:1319

Mailing List, Third Party Advisory

openSUSE-SU-2015:0566

Mailing List, Third Party Advisory

[oss-security] 20140619 CVE request: Another Linux syscall auditing bug

Mailing List, Third Party Advisory

58964

Third Party Advisory

60564

Third Party Advisory

[oss-security] 20140620 Re: CVE request: Another Linux syscall auditing bug

Mailing List, Third Party Advisory

68126

Third Party Advisory, VDB Entry

USN-2334-1

Third Party Advisory

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.61

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.