CVE-2014-1438

Published: 18 January 2014

The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application.

From the Ubuntu Security Team

halfdog reported an error in the AMD K7 and K8 platform support in the Linux kernel. An unprivileged local user could exploit this flaw on AMD based systems to cause a denial of service (task kill) or possibly gain privileges via a crafted application.

Notes

per upstream, should only affect AMD CPUs

Status

References

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1438
• http://www.openwall.com/lists/oss-security/2014/01/14/1
• http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/
• https://lkml.org/lkml/2014/1/9/637
• https://ubuntu.com/security/notices/USN-2113-1
• https://ubuntu.com/security/notices/USN-2117-1
• https://ubuntu.com/security/notices/USN-2133-1
• https://ubuntu.com/security/notices/USN-2134-1
• https://ubuntu.com/security/notices/USN-2135-1
• https://ubuntu.com/security/notices/USN-2136-1
• https://ubuntu.com/security/notices/USN-2138-1
• https://ubuntu.com/security/notices/USN-2139-1
• https://ubuntu.com/security/notices/USN-2141-1
• https://ubuntu.com/security/notices/USN-2233-1
• https://ubuntu.com/security/notices/USN-2234-1
• NVD
• Launchpad
• Debian

Bugs

• https://launchpad.net/bugs/1271441