CVE-2014-4508

Kernel: x86_32: BUG in syscall auditing

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000.

arch/x86/kernel/entry_32.S en el kernel de Linux hasta 3.15.1 en plataformas de 32-bit x86, cuando la auditoria de llamadas de sistema está habilitada y la etiqueta de la funcionalidad de la CPU sep está configurada, permite a usuarios locales causar una denegación de servicio (OOPS y caída del sistema) a través de un número de llamada de sistema inválido, tal y como fue demostrado por el número 1000.

A flaw was found in the Linux kernel’s system-call auditing support(CONFIG_AUDITSYSCALL) for 32-bit platforms. It is vulnerable to a crash caused by erroneous handling of bad system call numerals. This issue occurs during syscall(2) calls if system-call auditing is enabled on the system. This flaw allows an unprivileged user or process to crash the system kernel, resulting in a denial of service. The highest threat from this vulnerability is system availability.

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-06-20 CVE Reserved
2014-06-23 CVE Published
2023-03-08 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-189: Numeric Errors
CWE-391: Unchecked Error Condition

CAPEC

References (14)

URL	Tag	Source
http://article.gmane.org/gmane.linux.kernel/1726110	Mailing List
http://openwall.com/lists/oss-security/2014/06/20/1	Mailing List
http://secunia.com/advisories/58964	Third Party Advisory
http://secunia.com/advisories/60564	Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/06/20/10	Mailing List
http://www.openwall.com/lists/oss-security/2020/11/12/3	Mailing List
http://www.securityfocus.com/bid/68126	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html	2020-11-12
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html	2020-11-12
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html	2020-11-12
http://www.ubuntu.com/usn/USN-2334-1	2020-11-12
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.61	2020-11-12
https://access.redhat.com/security/cve/CVE-2014-4508	2021-01-19
https://bugzilla.redhat.com/show_bug.cgi?id=1111590	2021-01-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				<= 3.15.1 Search vendor "Linux" for product "Linux Kernel" and version " <= 3.15.1"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"		lts		Affected