Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2015-07010

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 15 Π΄Π΅ΠΊ. 2014
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: fstec
CVSS2: 7.2
EPSS Низкий

ОписаниС

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ ΠΏΠ°ΠΊΠ΅Ρ‚Π° kernel-doc-3.10.0 ΠΎΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½ΠΎΠΉ систСмы Red Hat Enterprise Linux, эксплуатация ΠΊΠΎΡ‚ΠΎΡ€ΠΎΠΉ ΠΌΠΎΠΆΠ΅Ρ‚ привСсти ΠΊ Π½Π°Ρ€ΡƒΡˆΠ΅Π½ΠΈΡŽ ΠΊΠΎΠ½Ρ„ΠΈΠ΄Π΅Π½Ρ†ΠΈΠ°Π»ΡŒΠ½ΠΎΡΡ‚ΠΈ, цСлостности ΠΈ доступности Π·Π°Ρ‰ΠΈΡ‰Π°Π΅ΠΌΠΎΠΉ ΠΈΠ½Ρ„ΠΎΡ€ΠΌΠ°Ρ†ΠΈΠΈ. Эксплуатация уязвимости осущСствляСтся локально

Π’Π΅Π½Π΄ΠΎΡ€

Red Hat Inc.

НаимСнованиС ПО

Red Hat Enterprise Linux

ВСрсия ПО

Workstation 7 (Red Hat Enterprise Linux)
Workstation 7 (Red Hat Enterprise Linux)
Workstation 7 (Red Hat Enterprise Linux)
Workstation 7 (Red Hat Enterprise Linux)
Server 7 (Red Hat Enterprise Linux)
Server 7 (Red Hat Enterprise Linux)
Server 7 (Red Hat Enterprise Linux)
Server 7 (Red Hat Enterprise Linux)
HPC Node 7 (Red Hat Enterprise Linux)
HPC Node 7 (Red Hat Enterprise Linux)
HPC Node 7 (Red Hat Enterprise Linux)
HPC Node 7 (Red Hat Enterprise Linux)
Desktop 7 (Red Hat Enterprise Linux)
Desktop 7 (Red Hat Enterprise Linux)
Desktop 7 (Red Hat Enterprise Linux)
Desktop 7 (Red Hat Enterprise Linux)

Вип ПО

ΠžΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½Π°Ρ систСма

ΠžΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½Ρ‹Π΅ систСмы ΠΈ Π°ΠΏΠΏΠ°Ρ€Π°Ρ‚Π½Ρ‹Π΅ ΠΏΠ»Π°Ρ‚Ρ„ΠΎΡ€ΠΌΡ‹

-

Π£Ρ€ΠΎΠ²Π΅Π½ΡŒ опасности уязвимости

Высокий ΡƒΡ€ΠΎΠ²Π΅Π½ΡŒ опасности (базовая ΠΎΡ†Π΅Π½ΠΊΠ° CVSS 2.0 составляСт 7,2)

Π’ΠΎΠ·ΠΌΠΎΠΆΠ½Ρ‹Π΅ ΠΌΠ΅Ρ€Ρ‹ ΠΏΠΎ ΡƒΡΡ‚Ρ€Π°Π½Π΅Π½ΠΈΡŽ уязвимости

ОбновлСниС ΠΏΠ°ΠΊΠ΅Ρ‚Π° Π΄ΠΎ Π±ΠΎΠ»Π΅Π΅ Π½ΠΎΠ²ΠΎΠΉ вСрсии. Π˜Π½Ρ„ΠΎΡ€ΠΌΠ°Ρ†ΠΈΡ ΠΎ вСрсии исправлСнного ΠΏΠ°ΠΊΠ΅Ρ‚Π° содСрТится Π² ΡƒΠ²Π΅Π΄ΠΎΠΌΠ»Π΅Π½ΠΈΠΈ бСзопасности:
https://rhn.redhat.com/errata/RHSA-2014-2010.html

Бтатус уязвимости

ΠŸΠΎΠ΄Ρ‚Π²Π΅Ρ€ΠΆΠ΄Π΅Π½Π° ΠΏΡ€ΠΎΠΈΠ·Π²ΠΎΠ΄ΠΈΡ‚Π΅Π»Π΅ΠΌ

НаличиС эксплойта

БущСствуСт Π² ΠΎΡ‚ΠΊΡ€Ρ‹Ρ‚ΠΎΠΌ доступС

Π˜Π½Ρ„ΠΎΡ€ΠΌΠ°Ρ†ΠΈΡ ΠΎΠ± устранСнии

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ устранСна

Бсылки Π½Π° источники

Π˜Π΄Π΅Π½Ρ‚ΠΈΡ„ΠΈΠΊΠ°Ρ‚ΠΎΡ€Ρ‹ Π΄Ρ€ΡƒΠ³ΠΈΡ… систСм описаний уязвимостСй

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 90%
0.05763
Низкий

7.2 High

CVSS2

БвязанныС уязвимости

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2014-9322

CVSS3: 7.8
ubuntu
большС 10 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2014-9322

CVSS3: 8.4
redhat
большС 10 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2014-9322

CVSS3: 7.8
nvd
большС 10 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2014-9322

CVSS3: 7.8
debian
большС 10 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-h8qx-jqqh-5mjc

CVSS3: 7.8
github
ΠΎΠΊΠΎΠ»ΠΎ 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 90%
0.05763
Низкий

7.2 High

CVSS2

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ BDU:2015-07010