Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-7825

Опубликовано: 10 нояб. 2014
Источник: debian
EPSS Низкий

Описание

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed3.16.7-ckt2-1package
linuxnot-affectedwheezypackage
linux-2.6removedpackage
linux-2.6not-affectedsqueezepackage

Примечания

  • CONFIG_FTRACE_SYSCALL not enabled in squeeze

  • Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=086ba77a6db00ed858ff07451bedee197df868c9 (v3.18-rc3)

EPSS

Процентиль: 9%
0.00035
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2014-7825

CVSS3: 7.8
ubuntu
больше 10 лет назад

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application.

redhat логотип

CVE-2014-7825

redhat
больше 10 лет назад

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application.

nvd логотип

CVE-2014-7825

CVSS3: 7.8
nvd
больше 10 лет назад

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application.

github логотип

GHSA-p667-8g7r-xghf

CVSS3: 7.8
github
около 3 лет назад

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application.

oracle-oval логотип

ELSA-2015-3015

oracle-oval
больше 10 лет назад

ELSA-2015-3015: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 9%
0.00035
Низкий
Уязвимость CVE-2014-7825