Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2014-3534

Published: 01/08/2014 Updated: 03/10/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 642
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Linux Kernel

Vulnerability Summary

arch/s390/kernel/ptrace.c in the Linux kernel prior to 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a crafted application that makes a ptrace system call.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

debian debian linux 7.0

Vendor Advisories

Debian CVElist Bug Report Logs: gdb fails on s390x with "Couldn't write registers: Invalid argument"
Debian Bug report logs - #728705 gdb fails on s390x with "Couldn't write registers: Invalid argument" Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Affects: gdb Reported by: Thibaut Paumard <thibaut@debianorg> Date: Mon, 4 Nov 2013 13:45:02 UTC Severity: importa ...
Debian Security Advisories: DSA-2992-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation: CVE-2014-3534 Martin Schwidefsky of IBM discovered that the ptrace subsystem does not properly sanitize the psw mask value On s390 systems, an unprivileged local user could use this flaw to set address space ...

References

CWE-269https://github.com/torvalds/linux/commit/dab6cf55f81a6e16b8147aed9a843e1691dcd318http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.8https://bugzilla.redhat.com/show_bug.cgi?id=1114089http://www.debian.org/security/2014/dsa-2992http://www.securitytracker.com/id/1030683http://www.securityfocus.com/bid/68940http://www.osvdb.org/109546http://secunia.com/advisories/60351http://secunia.com/advisories/59790https://exchange.xforce.ibmcloud.com/vulnerabilities/95069http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dab6cf55f81a6e16b8147aed9a843e1691dcd318https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728705https://www.debian.org/security/./dsa-2992
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute forceCVE-2024-24908open redirectCVE-2024-31497CVE-2023-45866CVE-2024-4135CVE-2024-25523cache poisoningCVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook