Multiple vulnerabilities in Linux Kernel
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2014-9922 CVE-2014-8134 |
| CWE-ID | CWE-264 CWE-200 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system linux_kernel (Debian package) Operating systems & Components / Operating system package or component |
| Vendor |
Linux Foundation Debian |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Privilege escalation
EUVDB-ID: #VU8117
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2014-9922
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to improper privileges and access controls. A local attacker can provide a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c and gain root privileges on the system.
Update to version 4.0.
Linux kernel: 2.6.13.1 - 3.16.43-2+deb8u2
linux_kernel (Debian package): 3.2.78-1 - 3.16.36-1+deb8u1
CPE2.3- cpe:2.3:o:linux_foundation:linux_kernel:3.10:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.16.43-2 deb8u2:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.2.89-2:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.8:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.9:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.5.5:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.4.32:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.3.8:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.1.10:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.0.68:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:2.6.33.7:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.14.72:*:*:*:*:*:*:*
- cpe:2.3:o:debian:linux_kernel_debian_package:3.16.36-1 deb8u1:*:*:*:*:*:*:*
- cpe:2.3:o:debian:linux_kernel_debian_package:3.16.7-ckt25-2:*:*:*:*:*:*:*
- cpe:2.3:o:debian:linux_kernel_debian_package:3.2.81-2:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU3909
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2014-8134
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to obtain potentially sensitive information on the target system.
The weakness exists in the paravirt_ops_setup function in arch/x86/kernel/kvm.c due to use of an improper paravirt_enabled setting for KVM guest kernels. An adjacent attacker can submit a specially crafted application that reads a 16-bit value, bypass the ASLR protection mechanism and gain access to potentially sensitive information.
Update to version 3.19.
Vulnerable software versionsLinux kernel: 3.18
CPE2.3 External linkshttp://www.spinics.net/lists/kvm/msg111458.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
