CVE-2014-4699
CVSS v2.0
6.9 (Medium)
EPSS
0.04 % (0th)
Affected Products
3
Advisories
50
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.
Weaknesses
- CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2014-07-09 11:07:03
(10 years ago) - Updated Date
-
2024-02-16 20:27:25
(7 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...