CVE-2014-9419 in Linux Kernelinfo

Summary

The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address.

Reservation

12/25/2014

Disclosure

12/25/2014

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
73384	Linux Kernel Thread Local Storage __switch_to information disclosure	200	Not defined	Official fix	CVE-2014-9419
68463	Linux Kernel TLS Descriptor switch_to information disclosure	200	Unproven	Official fix	CVE-2014-9419

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Interested in the pricing of exploits?

See the underground prices here!