Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv2

CVE-2014-9090

Published: 30/11/2014 Updated: 07/11/2023
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
VMScore: 437
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Linux Kernel

Vulnerability Summary

The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel up to and including 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel 3.0.25

linux linux kernel 3.15.8

linux linux kernel 3.1.2

linux linux kernel 3.10.8

linux linux kernel 3.15.1

linux linux kernel 3.0

linux linux kernel 3.0.22

linux linux kernel 3.12

linux linux kernel 3.0.5

linux linux kernel 3.0.68

linux linux kernel 3.14

linux linux kernel 3.13.1

linux linux kernel 3.0.38

linux linux kernel 3.13.10

linux linux kernel 3.1

linux linux kernel 3.0.63

linux linux kernel 3.0.46

linux linux kernel 3.10.24

linux linux kernel 3.13.11

linux linux kernel 3.0.47

linux linux kernel 3.0.48

linux linux kernel 3.15.3

linux linux kernel 3.0.18

linux linux kernel 3.14.3

linux linux kernel 3.11.8

linux linux kernel 3.15.6

linux linux kernel 3.0.6

linux linux kernel 3.14.1

linux linux kernel 3.0.36

linux linux kernel 3.0.35

linux linux kernel 3.10.6

linux linux kernel 3.0.11

linux linux kernel 3.17.2

linux linux kernel 3.12.14

linux linux kernel 3.0.58

linux linux kernel 3.0.34

linux linux kernel 3.15.4

linux linux kernel 3.10.1

linux linux kernel 3.10.7

linux linux kernel 3.11.10

linux linux kernel 3.13.6

linux linux kernel 3.0.32

linux linux kernel 3.13.4

linux linux kernel 3.2

linux linux kernel 3.0.52

linux linux kernel 3.0.51

linux linux kernel 3.11.1

linux linux kernel 3.10.15

linux linux kernel 3.12.15

linux linux kernel 3.0.57

linux linux kernel 3.11

linux linux kernel 3.13

linux linux kernel 3.0.19

linux linux kernel 3.0.37

linux linux kernel 3.0.4

linux linux kernel 3.0.27

linux linux kernel

linux linux kernel 3.11.9

linux linux kernel 3.10.26

linux linux kernel 3.10

linux linux kernel 3.10.5

linux linux kernel 3.12.6

linux linux kernel 3.0.42

linux linux kernel 3.0.23

linux linux kernel 3.0.62

linux linux kernel 3.16.0

linux linux kernel 3.0.49

linux linux kernel 3.10.20

linux linux kernel 3.0.8

linux linux kernel 3.10.9

linux linux kernel 3.10.2

linux linux kernel 3.13.3

linux linux kernel 3.13.2

linux linux kernel 3.10.10

linux linux kernel 3.13.5

linux linux kernel 3.10.18

linux linux kernel 3.13.9

linux linux kernel 3.0.64

linux linux kernel 3.0.40

linux linux kernel 3.0.33

linux linux kernel 3.12.7

linux linux kernel 3.0.28

linux linux kernel 3.10.29

linux linux kernel 3.14.2

linux linux kernel 3.11.4

linux linux kernel 3.14.4

linux linux kernel 3.12.8

linux linux kernel 3.10.12

linux linux kernel 3.0.54

linux linux kernel 3.10.19

linux linux kernel 3.10.28

linux linux kernel 3.0.13

linux linux kernel 3.0.55

linux linux kernel 3.17

linux linux kernel 3.0.10

linux linux kernel 3.10.16

linux linux kernel 3.0.1

linux linux kernel 3.1.6

linux linux kernel 3.12.4

linux linux kernel 3.12.12

linux linux kernel 3.11.7

linux linux kernel 3.12.5

linux linux kernel 3.11.3

linux linux kernel 3.10.4

linux linux kernel 3.0.17

linux linux kernel 3.1.3

linux linux kernel 3.16.1

linux linux kernel 3.10.3

linux linux kernel 3.10.23

linux linux kernel 3.1.9

linux linux kernel 3.0.44

linux linux kernel 3.12.17

linux linux kernel 3.0.16

linux linux kernel 3.0.21

linux linux kernel 3.0.7

linux linux kernel 3.0.61

linux linux kernel 3.11.6

linux linux kernel 3.17.1

linux linux kernel 3.1.5

linux linux kernel 3.1.8

linux linux kernel 3.12.3

linux linux kernel 3.10.13

linux linux kernel 3.0.20

linux linux kernel 3.12.1

linux linux kernel 3.0.24

linux linux kernel 3.0.15

linux linux kernel 3.0.45

linux linux kernel 3.0.39

linux linux kernel 3.12.16

linux linux kernel 3.10.0

linux linux kernel 3.0.2

linux linux kernel 3.10.22

linux linux kernel 3.0.67

linux linux kernel 3.12.11

linux linux kernel 3.0.59

linux linux kernel 3.12.9

linux linux kernel 3.12.10

linux linux kernel 3.15.7

linux linux kernel 3.11.2

linux linux kernel 3.0.60

linux linux kernel 3.1.7

linux linux kernel 3.1.1

linux linux kernel 3.15.2

linux linux kernel 3.0.56

linux linux kernel 3.15

linux linux kernel 3.12.2

linux linux kernel 3.0.12

linux linux kernel 3.10.17

linux linux kernel 3.10.11

linux linux kernel 3.15.5

linux linux kernel 3.13.8

linux linux kernel 3.1.10

linux linux kernel 3.10.27

linux linux kernel 3.10.21

linux linux kernel 3.0.66

linux linux kernel 3.12.13

linux linux kernel 3.0.3

linux linux kernel 3.14.5

linux linux kernel 3.0.65

linux linux kernel 3.0.53

linux linux kernel 3.0.9

linux linux kernel 3.0.26

linux linux kernel 3.1.4

linux linux kernel 3.0.43

linux linux kernel 3.0.30

linux linux kernel 3.0.31

linux linux kernel 3.0.29

linux linux kernel 3.0.50

linux linux kernel 3.0.14

linux linux kernel 3.11.5

linux linux kernel 3.10.25

linux linux kernel 3.0.41

linux linux kernel 3.10.14

linux linux kernel 3.13.7

Vendor Advisories

Debian Security Advisories: DSA-3093-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation: CVE-2014-7841 Liu Wei of Red Hat discovered that a SCTP server doing ASCONF will panic on malformed INIT chunks by triggering a NULL pointer dereference CVE-2014-8369 A flaw was discovered in the way iommu ...
Amazon Linux AMI: ALAS-2014-455
The sctp_process_param function in net/sctp/sm_make_chunkc in the SCTP implementation in the Linux kernel before 3174, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk (CVE-2014-7841) The pivot_root implementation in fs/namespacec in the Linux kerne ...
Ubuntu Security Notice: linux-ec2 vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux regression
USN-2448-1 introduced a regression in the Linux kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-lts-utopic regression
USN-2447-1 introduced a regression in the Linux kernel ...
Ubuntu Security Notice: linux-ti-omap4 vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-lts-utopic vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-lts-trusty vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...

References

CWE-17http://www.openwall.com/lists/oss-security/2014/11/26/5https://github.com/torvalds/linux/commit/6f442be2fb22be02cafa606f1769fa1e6f894441http://secunia.com/advisories/62336http://www.debian.org/security/2014/dsa-3093http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.htmlhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f442be2fb22be02cafa606f1769fa1e6f894441https://nvd.nist.govhttps://www.debian.org/security/./dsa-3093https://usn.ubuntu.com/2442-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook