Your submission was sent successfully! Close

CVE-2014-0038

Published: 30 January 2014

The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter.

From the Ubuntu security team

Pageexec reported a bug in the Linux kernel's recvmmsg syscall when called from code using the x32 ABI. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrator privileges.

Priority

Critical

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (3.14~rc1)
Patches:
Introduced by ee4fa23c4bfcc635d077a9633d405610de45bc70
Fixed by 2def2ef2ae5f3990aabdbe8a755911902707d268
linux-armadaxp
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x32 only)
This package is not directly supported by the Ubuntu Security Team
linux-ec2
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x32 only)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x32 only)
linux-goldfish
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x32 only)
linux-grouper
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x32 only)
linux-linaro-omap
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x32 only)
linux-linaro-shared
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x32 only)
linux-linaro-vexpress
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x32 only)
linux-lts-quantal
Launchpad, Ubuntu, Debian
Upstream
Released (3.14~rc1)
linux-lts-raring
Launchpad, Ubuntu, Debian
Upstream
Released (3.14~rc1)
linux-lts-saucy
Launchpad, Ubuntu, Debian
Upstream
Released (3.14~rc1)
linux-maguro
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x32 only)
linux-mako
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x32 only)
linux-manta
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x32 only)
linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x32 only)
linux-qcm-msm
Launchpad, Ubuntu, Debian
Upstream
Released (3.14~rc1)
linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x32 only)