PT-2014-1942 · Linux+4 · Linux Kernel+4

Published

2014-12-31

Updated

2020-05-21

CVE-2014-9644

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions linux-image versions 3.13.0 through 3.16.0 linux-image versions prior to 3.18.5

Description The issue affects the Linux kernel, allowing local users to load arbitrary kernel modules via a bind system call for an AF ALG socket with a parenthesized module template expression in the salg name field. This can lead to a breach of confidentiality, integrity, and availability of protected information. The exploitation can be carried out locally.

Recommendations For linux-image versions 3.13.0 through 3.16.0, update to a version prior to 3.18.5 to resolve the issue. For linux-image versions prior to 3.18.5, update to version 3.18.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the AF ALG socket to minimize the risk of exploitation.

Exploit

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-17CWE-269

Related Identifiers

ALT-PU-2015-1118

ALT-PU-2015-1794

BDU:2015-09845

BDU:2015-09847

CESA-2015_2152

CVE-2014-9644

DSA-3170-1

MGASA-2015-0070

MGASA-2015-0075

MGASA-2015-0076

MGASA-2015-0077

MGASA-2015-0078

RHSA-2015:2152

RHSA-2015:2411

RHSA-2015_2152

RHSA-2015_2411

RHSA-2016:0068

USN-2513-1

USN-2514-1

USN-2543-1

USN-2544-1

USN-2545-1

USN-2546-1

Affected Products

Alt Linux

Centos

Linux Kernel

Red Hat

Ubuntu

PT-2014-1942 · Linux+4 · Linux Kernel+4

CVE-2014-9644

Weakness Enumeration

Related Identifiers

Affected Products

References · 117