Novell Home

CVE-2014-4699

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2014-4699 at MITRE

Description

The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.

NVD CVSS v2 Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 885725

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise High Availability Extension 11 SP3
  • cluster-network-kmp-default >= 1.4_3.0.101_0.35-2.27.78
  • cluster-network-kmp-pae >= 1.4_3.0.101_0.35-2.27.78
  • cluster-network-kmp-trace >= 1.4_3.0.101_0.35-2.27.78
  • cluster-network-kmp-xen >= 1.4_3.0.101_0.35-2.27.78
  • gfs2-kmp-default >= 2_3.0.101_0.35-0.16.84
  • gfs2-kmp-pae >= 2_3.0.101_0.35-0.16.84
  • gfs2-kmp-trace >= 2_3.0.101_0.35-0.16.84
  • gfs2-kmp-xen >= 2_3.0.101_0.35-0.16.84
  • ocfs2-kmp-default >= 1.6_3.0.101_0.35-0.20.78
  • ocfs2-kmp-pae >= 1.6_3.0.101_0.35-0.20.78
  • ocfs2-kmp-trace >= 1.6_3.0.101_0.35-0.20.78
  • ocfs2-kmp-xen >= 1.6_3.0.101_0.35-0.20.78
Builds
SAT Patch Nr: 9488
SUSE Linux Enterprise Desktop 11 SP3
  • kernel-default >= 3.0.101-0.35.1
  • kernel-default-base >= 3.0.101-0.35.1
  • kernel-default-devel >= 3.0.101-0.35.1
  • kernel-default-extra >= 3.0.101-0.35.1
  • kernel-pae >= 3.0.101-0.35.1
  • kernel-pae-base >= 3.0.101-0.35.1
  • kernel-pae-devel >= 3.0.101-0.35.1
  • kernel-pae-extra >= 3.0.101-0.35.1
  • kernel-source >= 3.0.101-0.35.1
  • kernel-syms >= 3.0.101-0.35.1
  • kernel-trace-devel >= 3.0.101-0.35.1
  • kernel-xen >= 3.0.101-0.35.1
  • kernel-xen-base >= 3.0.101-0.35.1
  • kernel-xen-devel >= 3.0.101-0.35.1
  • kernel-xen-extra >= 3.0.101-0.35.1
  • xen-kmp-default >= 4.2.4_02_3.0.101_0.35-0.7.45
  • xen-kmp-pae >= 4.2.4_02_3.0.101_0.35-0.7.45
Builds
SAT Patch Nr: 9488
SUSE Linux Enterprise Server 11 SP3 for VMware
  • kernel-default >= 3.0.101-0.35.1
  • kernel-default-base >= 3.0.101-0.35.1
  • kernel-default-devel >= 3.0.101-0.35.1
  • kernel-pae >= 3.0.101-0.35.1
  • kernel-pae-base >= 3.0.101-0.35.1
  • kernel-pae-devel >= 3.0.101-0.35.1
  • kernel-source >= 3.0.101-0.35.1
  • kernel-syms >= 3.0.101-0.35.1
  • kernel-trace >= 3.0.101-0.35.1
  • kernel-trace-base >= 3.0.101-0.35.1
  • kernel-trace-devel >= 3.0.101-0.35.1
  • kernel-xen-devel >= 3.0.101-0.35.1
Builds
SAT Patch Nr: 9488
SUSE Linux Enterprise Server 11 SP3
  • kernel-default >= 3.0.101-0.35.1
  • kernel-default-base >= 3.0.101-0.35.1
  • kernel-default-devel >= 3.0.101-0.35.1
  • kernel-ec2 >= 3.0.101-0.35.1
  • kernel-ec2-base >= 3.0.101-0.35.1
  • kernel-ec2-devel >= 3.0.101-0.35.1
  • kernel-pae >= 3.0.101-0.35.1
  • kernel-pae-base >= 3.0.101-0.35.1
  • kernel-pae-devel >= 3.0.101-0.35.1
  • kernel-source >= 3.0.101-0.35.1
  • kernel-syms >= 3.0.101-0.35.1
  • kernel-trace >= 3.0.101-0.35.1
  • kernel-trace-base >= 3.0.101-0.35.1
  • kernel-trace-devel >= 3.0.101-0.35.1
  • kernel-xen >= 3.0.101-0.35.1
  • kernel-xen-base >= 3.0.101-0.35.1
  • kernel-xen-devel >= 3.0.101-0.35.1
  • xen-kmp-default >= 4.2.4_02_3.0.101_0.35-0.7.45
  • xen-kmp-pae >= 4.2.4_02_3.0.101_0.35-0.7.45
Builds
SAT Patch Nr: 9488
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 3.0.101-0.35.1
  • kernel-xen-extra >= 3.0.101-0.35.1
Builds
SAT Patch Nr: 9499
SUSE Linux Enterprise High Availability Extension 11 SP3
  • cluster-network-kmp-default >= 1.4_3.0.101_0.35-2.27.78
  • cluster-network-kmp-trace >= 1.4_3.0.101_0.35-2.27.78
  • gfs2-kmp-default >= 2_3.0.101_0.35-0.16.84
  • gfs2-kmp-trace >= 2_3.0.101_0.35-0.16.84
  • ocfs2-kmp-default >= 1.6_3.0.101_0.35-0.20.78
  • ocfs2-kmp-trace >= 1.6_3.0.101_0.35-0.20.78
Builds
SAT Patch Nr: 9491
SUSE Linux Enterprise Server 11 SP3
  • kernel-default >= 3.0.101-0.35.1
  • kernel-default-base >= 3.0.101-0.35.1
  • kernel-default-devel >= 3.0.101-0.35.1
  • kernel-default-man >= 3.0.101-0.35.1
  • kernel-source >= 3.0.101-0.35.1
  • kernel-syms >= 3.0.101-0.35.1
  • kernel-trace >= 3.0.101-0.35.1
  • kernel-trace-base >= 3.0.101-0.35.1
  • kernel-trace-devel >= 3.0.101-0.35.1
Builds
SAT Patch Nr: 9491
SUSE Linux Enterprise Server 11 SP2 LTSS
  • kernel-default >= 3.0.101-0.7.23.1
  • kernel-default-base >= 3.0.101-0.7.23.1
  • kernel-default-devel >= 3.0.101-0.7.23.1
  • kernel-ec2 >= 3.0.101-0.7.23.1
  • kernel-ec2-base >= 3.0.101-0.7.23.1
  • kernel-ec2-devel >= 3.0.101-0.7.23.1
  • kernel-source >= 3.0.101-0.7.23.1
  • kernel-syms >= 3.0.101-0.7.23.1
  • kernel-trace >= 3.0.101-0.7.23.1
  • kernel-trace-base >= 3.0.101-0.7.23.1
  • kernel-trace-devel >= 3.0.101-0.7.23.1
  • kernel-xen >= 3.0.101-0.7.23.1
  • kernel-xen-base >= 3.0.101-0.7.23.1
  • kernel-xen-devel >= 3.0.101-0.7.23.1
Builds
SAT Patch Nr: 9632
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 3.0.101-0.35.1
Builds
SAT Patch Nr: 9495
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 3.0.101-0.35.1
  • kernel-pae-extra >= 3.0.101-0.35.1
  • kernel-xen-extra >= 3.0.101-0.35.1
Builds
SAT Patch Nr: 9494
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 3.0.101-0.7.23.1
  • kernel-xen-extra >= 3.0.101-0.7.23.1
Builds
SAT Patch Nr: 9701
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 3.0.101-0.35.1
  • kernel-ppc64-extra >= 3.0.101-0.35.1
Builds
SAT Patch Nr: 9496
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 3.0.101-0.7.23.1
Builds
SAT Patch Nr: 9700
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 3.0.101-0.7.23.1
  • kernel-pae-extra >= 3.0.101-0.7.23.1
  • kernel-xen-extra >= 3.0.101-0.7.23.1
Builds
SAT Patch Nr: 9699
SUSE Linux Enterprise Server 11 SP2 LTSS
  • kernel-default >= 3.0.101-0.7.23.1
  • kernel-default-base >= 3.0.101-0.7.23.1
  • kernel-default-devel >= 3.0.101-0.7.23.1
  • kernel-ec2 >= 3.0.101-0.7.23.1
  • kernel-ec2-base >= 3.0.101-0.7.23.1
  • kernel-ec2-devel >= 3.0.101-0.7.23.1
  • kernel-pae >= 3.0.101-0.7.23.1
  • kernel-pae-base >= 3.0.101-0.7.23.1
  • kernel-pae-devel >= 3.0.101-0.7.23.1
  • kernel-source >= 3.0.101-0.7.23.1
  • kernel-syms >= 3.0.101-0.7.23.1
  • kernel-trace >= 3.0.101-0.7.23.1
  • kernel-trace-base >= 3.0.101-0.7.23.1
  • kernel-trace-devel >= 3.0.101-0.7.23.1
  • kernel-xen >= 3.0.101-0.7.23.1
  • kernel-xen-base >= 3.0.101-0.7.23.1
  • kernel-xen-devel >= 3.0.101-0.7.23.1
Builds
SAT Patch Nr: 9630
SUSE Linux Enterprise Server 11 SP2 LTSS
  • kernel-default >= 3.0.101-0.7.23.1
  • kernel-default-base >= 3.0.101-0.7.23.1
  • kernel-default-devel >= 3.0.101-0.7.23.1
  • kernel-default-man >= 3.0.101-0.7.23.1
  • kernel-source >= 3.0.101-0.7.23.1
  • kernel-syms >= 3.0.101-0.7.23.1
  • kernel-trace >= 3.0.101-0.7.23.1
  • kernel-trace-base >= 3.0.101-0.7.23.1
  • kernel-trace-devel >= 3.0.101-0.7.23.1
Builds
SAT Patch Nr: 9631
SUSE Linux Enterprise Server 11 SP1 LTSS
  • kernel-default >= 2.6.32.59-0.15.2
  • kernel-default-base >= 2.6.32.59-0.15.2
  • kernel-default-devel >= 2.6.32.59-0.15.2
  • kernel-ec2 >= 2.6.32.59-0.15.2
  • kernel-ec2-base >= 2.6.32.59-0.15.2
  • kernel-ec2-devel >= 2.6.32.59-0.15.2
  • kernel-source >= 2.6.32.59-0.15.2
  • kernel-syms >= 2.6.32.59-0.15.2
  • kernel-trace >= 2.6.32.59-0.15.2
  • kernel-trace-base >= 2.6.32.59-0.15.2
  • kernel-trace-devel >= 2.6.32.59-0.15.2
  • kernel-xen >= 2.6.32.59-0.15.2
  • kernel-xen-base >= 2.6.32.59-0.15.2
  • kernel-xen-devel >= 2.6.32.59-0.15.2
  • xen-kmp-default >= 4.0.3_21548_16_2.6.32.59_0.15-0.5.26
  • xen-kmp-trace >= 4.0.3_21548_16_2.6.32.59_0.15-0.5.26
Builds
SAT Patch Nr: 9658
SUSE Linux Enterprise High Availability Extension 11 SP3
  • cluster-network-kmp-default >= 1.4_3.0.101_0.35-2.27.78
  • cluster-network-kmp-trace >= 1.4_3.0.101_0.35-2.27.78
  • cluster-network-kmp-xen >= 1.4_3.0.101_0.35-2.27.78
  • gfs2-kmp-default >= 2_3.0.101_0.35-0.16.84
  • gfs2-kmp-trace >= 2_3.0.101_0.35-0.16.84
  • gfs2-kmp-xen >= 2_3.0.101_0.35-0.16.84
  • ocfs2-kmp-default >= 1.6_3.0.101_0.35-0.20.78
  • ocfs2-kmp-trace >= 1.6_3.0.101_0.35-0.20.78
  • ocfs2-kmp-xen >= 1.6_3.0.101_0.35-0.20.78
Builds
SAT Patch Nr: 9493
SUSE Linux Enterprise Desktop 11 SP3
  • kernel-default >= 3.0.101-0.35.1
  • kernel-default-base >= 3.0.101-0.35.1
  • kernel-default-devel >= 3.0.101-0.35.1
  • kernel-default-extra >= 3.0.101-0.35.1
  • kernel-source >= 3.0.101-0.35.1
  • kernel-syms >= 3.0.101-0.35.1
  • kernel-trace-devel >= 3.0.101-0.35.1
  • kernel-xen >= 3.0.101-0.35.1
  • kernel-xen-base >= 3.0.101-0.35.1
  • kernel-xen-devel >= 3.0.101-0.35.1
  • kernel-xen-extra >= 3.0.101-0.35.1
  • xen-kmp-default >= 4.2.4_02_3.0.101_0.35-0.7.45
Builds
SAT Patch Nr: 9493
SUSE Linux Enterprise Server 11 SP3 for VMware
  • kernel-default >= 3.0.101-0.35.1
  • kernel-default-base >= 3.0.101-0.35.1
  • kernel-default-devel >= 3.0.101-0.35.1
  • kernel-source >= 3.0.101-0.35.1
  • kernel-syms >= 3.0.101-0.35.1
  • kernel-trace >= 3.0.101-0.35.1
  • kernel-trace-base >= 3.0.101-0.35.1
  • kernel-trace-devel >= 3.0.101-0.35.1
  • kernel-xen-devel >= 3.0.101-0.35.1
Builds
SAT Patch Nr: 9493
SUSE Linux Enterprise Server 11 SP3
  • kernel-default >= 3.0.101-0.35.1
  • kernel-default-base >= 3.0.101-0.35.1
  • kernel-default-devel >= 3.0.101-0.35.1
  • kernel-ec2 >= 3.0.101-0.35.1
  • kernel-ec2-base >= 3.0.101-0.35.1
  • kernel-ec2-devel >= 3.0.101-0.35.1
  • kernel-source >= 3.0.101-0.35.1
  • kernel-syms >= 3.0.101-0.35.1
  • kernel-trace >= 3.0.101-0.35.1
  • kernel-trace-base >= 3.0.101-0.35.1
  • kernel-trace-devel >= 3.0.101-0.35.1
  • kernel-xen >= 3.0.101-0.35.1
  • kernel-xen-base >= 3.0.101-0.35.1
  • kernel-xen-devel >= 3.0.101-0.35.1
  • xen-kmp-default >= 4.2.4_02_3.0.101_0.35-0.7.45
Builds
SAT Patch Nr: 9493
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 2.6.32.59-0.15.2
  • kernel-pae-extra >= 2.6.32.59-0.15.2
  • kernel-xen-extra >= 2.6.32.59-0.15.2
Builds
SAT Patch Nr: 9696
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 2.6.32.59-0.15.2
Builds
SAT Patch Nr: 9697
SUSE Linux Enterprise High Availability Extension 11 SP3
  • cluster-network-kmp-default >= 1.4_3.0.101_0.35-2.27.78
  • cluster-network-kmp-trace >= 1.4_3.0.101_0.35-2.27.78
  • gfs2-kmp-default >= 2_3.0.101_0.35-0.16.84
  • gfs2-kmp-trace >= 2_3.0.101_0.35-0.16.84
  • ocfs2-kmp-default >= 1.6_3.0.101_0.35-0.20.78
  • ocfs2-kmp-trace >= 1.6_3.0.101_0.35-0.20.78
Builds
SAT Patch Nr: 9489
SUSE Linux Enterprise Server 11 SP3
  • kernel-default >= 3.0.101-0.35.1
  • kernel-default-base >= 3.0.101-0.35.1
  • kernel-default-devel >= 3.0.101-0.35.1
  • kernel-source >= 3.0.101-0.35.1
  • kernel-syms >= 3.0.101-0.35.1
  • kernel-trace >= 3.0.101-0.35.1
  • kernel-trace-base >= 3.0.101-0.35.1
  • kernel-trace-devel >= 3.0.101-0.35.1
Builds
SAT Patch Nr: 9489
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 2.6.32.59-0.15.2
  • kernel-xen-extra >= 2.6.32.59-0.15.2
Builds
SAT Patch Nr: 9698
SUSE Linux Enterprise Real Time Extension 11 SP3
  • cluster-network-kmp-rt >= 1.4_3.0.101_rt130_0.24-2.27.79
  • cluster-network-kmp-rt_trace >= 1.4_3.0.101_rt130_0.24-2.27.79
  • drbd-kmp-rt >= 8.4.4_3.0.101_rt130_0.24-0.22.45
  • drbd-kmp-rt_trace >= 8.4.4_3.0.101_rt130_0.24-0.22.45
  • iscsitarget-kmp-rt >= 1.4.20_3.0.101_rt130_0.24-0.38.64
  • iscsitarget-kmp-rt_trace >= 1.4.20_3.0.101_rt130_0.24-0.38.64
  • kernel-rt >= 3.0.101.rt130-0.24.1
  • kernel-rt-base >= 3.0.101.rt130-0.24.1
  • kernel-rt-devel >= 3.0.101.rt130-0.24.1
  • kernel-rt_trace >= 3.0.101.rt130-0.24.1
  • kernel-rt_trace-base >= 3.0.101.rt130-0.24.1
  • kernel-rt_trace-devel >= 3.0.101.rt130-0.24.1
  • kernel-source-rt >= 3.0.101.rt130-0.24.1
  • kernel-syms-rt >= 3.0.101.rt130-0.24.1
  • lttng-modules-kmp-rt >= 2.1.1_3.0.101_rt130_0.24-0.11.57
  • lttng-modules-kmp-rt_trace >= 2.1.1_3.0.101_rt130_0.24-0.11.57
  • ocfs2-kmp-rt >= 1.6_3.0.101_rt130_0.24-0.20.79
  • ocfs2-kmp-rt_trace >= 1.6_3.0.101_rt130_0.24-0.20.79
  • ofed-kmp-rt >= 1.5.4.1_3.0.101_rt130_0.24-0.13.70
  • ofed-kmp-rt_trace >= 1.5.4.1_3.0.101_rt130_0.24-0.13.70
Builds
SAT Patch Nr: 9504
SUSE Linux Enterprise Server 11 SP1 LTSS
  • kernel-default >= 2.6.32.59-0.15.2
  • kernel-default-base >= 2.6.32.59-0.15.2
  • kernel-default-devel >= 2.6.32.59-0.15.2
  • kernel-ec2 >= 2.6.32.59-0.15.2
  • kernel-ec2-base >= 2.6.32.59-0.15.2
  • kernel-ec2-devel >= 2.6.32.59-0.15.2
  • kernel-pae >= 2.6.32.59-0.15.2
  • kernel-pae-base >= 2.6.32.59-0.15.2
  • kernel-pae-devel >= 2.6.32.59-0.15.2
  • kernel-source >= 2.6.32.59-0.15.2
  • kernel-syms >= 2.6.32.59-0.15.2
  • kernel-trace >= 2.6.32.59-0.15.2
  • kernel-trace-base >= 2.6.32.59-0.15.2
  • kernel-trace-devel >= 2.6.32.59-0.15.2
  • kernel-xen >= 2.6.32.59-0.15.2
  • kernel-xen-base >= 2.6.32.59-0.15.2
  • kernel-xen-devel >= 2.6.32.59-0.15.2
  • xen-kmp-default >= 4.0.3_21548_16_2.6.32.59_0.15-0.5.26
  • xen-kmp-pae >= 4.0.3_21548_16_2.6.32.59_0.15-0.5.26
  • xen-kmp-trace >= 4.0.3_21548_16_2.6.32.59_0.15-0.5.26
Builds
SAT Patch Nr: 9660
SUSE Linux Enterprise High Availability Extension 11 SP3
  • cluster-network-kmp-default >= 1.4_3.0.101_0.35-2.27.78
  • cluster-network-kmp-ppc64 >= 1.4_3.0.101_0.35-2.27.78
  • cluster-network-kmp-trace >= 1.4_3.0.101_0.35-2.27.78
  • gfs2-kmp-default >= 2_3.0.101_0.35-0.16.84
  • gfs2-kmp-ppc64 >= 2_3.0.101_0.35-0.16.84
  • gfs2-kmp-trace >= 2_3.0.101_0.35-0.16.84
  • ocfs2-kmp-default >= 1.6_3.0.101_0.35-0.20.78
  • ocfs2-kmp-ppc64 >= 1.6_3.0.101_0.35-0.20.78
  • ocfs2-kmp-trace >= 1.6_3.0.101_0.35-0.20.78
Builds
SAT Patch Nr: 9490
SUSE Linux Enterprise Server 11 SP3
  • kernel-default >= 3.0.101-0.35.1
  • kernel-default-base >= 3.0.101-0.35.1
  • kernel-default-devel >= 3.0.101-0.35.1
  • kernel-ppc64 >= 3.0.101-0.35.1
  • kernel-ppc64-base >= 3.0.101-0.35.1
  • kernel-ppc64-devel >= 3.0.101-0.35.1
  • kernel-source >= 3.0.101-0.35.1
  • kernel-syms >= 3.0.101-0.35.1
  • kernel-trace >= 3.0.101-0.35.1
  • kernel-trace-base >= 3.0.101-0.35.1
  • kernel-trace-devel >= 3.0.101-0.35.1
Builds
SAT Patch Nr: 9490
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 3.0.101-0.35.1
Builds
SAT Patch Nr: 9497

© 2014 Novell