Multiple vulnerabilities in Linux kernel



Updated: 2020-08-10
Risk: Medium
Patch available: YES
Number of vulnerabilities: 2
CVE-ID: CVE-2014-4157, CVE-2014-4014
CWE-ID: CWE-264
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Linux kernel (Operating systems & Components / Operating system)
Vendor: Linux Foundation

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU41526

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2014-4157

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECCOMP checks on the fast system-call path, which allows local users to bypass intended PR_SET_SECCOMP restrictions by executing a crafted application without invoking a trace or audit subsystem.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

Linux kernel: 3.14.1 - 3.14.7

External links

https://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=137f7df8cead00688524c82360930845396b8a21
https://openwall.com/lists/oss-security/2014/06/16/1
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8
https://www.openwall.com/lists/oss-security/2014/06/17/17
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751417
https://github.com/torvalds/linux/commit/137f7df8cead00688524c82360930845396b8a21


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU41535

Risk: Medium

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2014-4014

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

Linux kernel: 3.14.1 - 3.14.7

External links

https://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=23adbe12ef7d3d4195e80800ab36b37bee28cd03
https://secunia.com/advisories/59220
https://www.exploit-db.com/exploits/33824
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8
https://www.openwall.com/lists/oss-security/2014/06/10/4
https://www.securityfocus.com/bid/67988
https://www.securitytracker.com/id/1030394
https://bugzilla.redhat.com/show_bug.cgi?id=1107966
https://github.com/torvalds/linux/commit/23adbe12ef7d3d4195e80800ab36b37bee28cd03
https://source.android.com/security/bulletin/2016-12-01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


