Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2014-7826

Published: 10/11/2014 Updated: 13/02/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 642
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Linux Kernel

Vulnerability Summary

kernel/trace/trace_syscalls.c in the Linux kernel up to and including 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

opensuse evergreen 11.4

suse suse linux enterprise server 11

Vendor Advisories

Ubuntu Security Notice: linux-ti-omap4 vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux regression
USN-2448-1 introduced a regression in the Linux kernel ...
Ubuntu Security Notice: linux-lts-utopic regression
USN-2447-1 introduced a regression in the Linux kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-lts-utopic vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-lts-trusty vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Red Hat: CVE-2014-7826
An out-of-bounds memory access flaw, CVE-2014-7825, was found in the syscall tracing functionality of the Linux kernel's perf subsystem A local, unprivileged user could use this flaw to crash the system Additionally, an out-of-bounds memory access flaw, CVE-2014-7826, was found in the syscall tracing functionality of the Linux kernel's ftrace sub ...

References

CWE-476https://bugzilla.redhat.com/show_bug.cgi?id=1161565https://github.com/torvalds/linux/commit/086ba77a6db00ed858ff07451bedee197df868c9http://www.openwall.com/lists/oss-security/2014/11/06/11http://rhn.redhat.com/errata/RHSA-2014-1943.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0290.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.htmlhttp://www.securityfocus.com/bid/70971https://exchange.xforce.ibmcloud.com/vulnerabilities/98556http://rhn.redhat.com/errata/RHSA-2015-0864.htmlhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=086ba77a6db00ed858ff07451bedee197df868c9https://nvd.nist.govhttps://usn.ubuntu.com/2444-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook