[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-1438Date: (C)2014-01-21   (M)2024-04-17


The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.7
Exploit Score: 3.4
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
SECTRACK-1029592
BID-64781
FEDORA-2014-1062
FEDORA-2014-1072
MDVSA-2014:038
USN-2113-1
USN-2117-1
USN-2133-1
USN-2134-1
USN-2135-1
USN-2136-1
USN-2138-1
USN-2139-1
USN-2141-1
https://lkml.org/lkml/2014/1/9/637
http://www.openwall.com/lists/oss-security/2014/01/14/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26bef1318adc1b3a530ecc807ef99346db2aa8b0
http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8
https://bugzilla.redhat.com/show_bug.cgi?id=1052914
https://github.com/torvalds/linux/commit/26bef1318adc1b3a530ecc807ef99346db2aa8b0

CPE    8
cpe:/o:linux:linux_kernel:3.12
cpe:/o:linux:linux_kernel
cpe:/o:linux:linux_kernel:3.12.1
cpe:/o:linux:linux_kernel:3.12.4
...
CWE    1
CWE-264
OVAL    60
oval:org.secpod.oval:def:106468
oval:org.secpod.oval:def:108483
oval:org.secpod.oval:def:108880
oval:org.secpod.oval:def:106466
...

© SecPod Technologies