cbcvebase.
CVE-2014-9322
published 2014-12-17

CVE-2014-9322: arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which…

PriorityP349high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
EPSS
1.50%
71.1th percentile
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

Affected

19 ranges
VendorProductVersion rangeFixed in
canonicalubuntu_linux
debianlinux< linux 3.16.7-ckt2-1 (bookworm)linux 3.16.7-ckt2-1 (bookworm)
googleandroid
googleandroid
linuxlinux_kernel< 3.2.653.2.65
linuxlinux_kernel>= 0 < 3.16.7-ckt2-13.16.7-ckt2-1
linuxlinux_kernel>= 0 < 3.16.7-ckt2-13.16.7-ckt2-1
linuxlinux_kernel>= 0 < 3.16.7-ckt2-13.16.7-ckt2-1
linuxlinux_kernel>= 0 < 3.16.7-ckt2-13.16.7-ckt2-1
linuxlinux_kernel>= 0 < 3.13.0-43.723.13.0-43.72
linuxlinux_kernel>= 3.11 < 3.12.353.12.35
linuxlinux_kernel>= 3.13 < 3.14.263.14.26
linuxlinux_kernel>= 3.15 < 3.16.353.16.35
linuxlinux_kernel>= 3.17 < 3.17.53.17.5
linuxlinux_kernel>= 3.3 < 3.4.1063.4.106
linuxlinux_kernel>= 3.5 < 3.10.623.10.62
opensuseevergreen
redhatenterprise_linux_eus
susesuse_linux_enterprise_server

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.8HIGH
vendor_debian7.8HIGH
vendor_redhat7.8HIGH
vendor_ubuntu7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.