The Crypto API in the Linux kernel prior to 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.10 |
||
canonical ubuntu linux 14.04 |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |
||
linux linux kernel |
||
oracle linux 5 |
||
oracle linux 6 |
||
oracle linux 7 |