- Home
- CVEs with nessus.description==Andy+Lutomirski+discovered+that+the+Linux+kernel+does+not+properly+handle+faults+associated+with+the+Stack+Segment+%28SS%29+register+in+the+x86+architecture.+A+local+attacker+could+exploit+this+flaw+to+gain+administrative+privileges.+%28CVE-2014-9322%29%0A%0ALars+Bull+reported+a+race+condition+in+the+PIT+%28programmable+interrupt+timer%29+emulation+in+the+KVM+%28Kernel+Virtual+Machine%29+subsystem+of+the+Linux+kernel.+A+local+guest+user+with+access+to+PIT+i%2Fo+ports+could+exploit+this+flaw+to+cause+a+denial+of+service+%28crash%29+on+the+host.%0A%28CVE-2014-3611%29%0A%0ALars+Bull+and+Nadav+Amit+reported+a+flaw+in+how+KVM+%28the+Kernel+Virtual+Machine%29+handles+noncanonical+writes+to+certain+MSR+registers.%0AA+privileged+guest+user+can+exploit+this+flaw+to+cause+a+denial+of+service+%28kernel+panic%29+on+the+host.+%28CVE-2014-3610%29%0A%0AAndy+Lutomirski+discovered+an+information+leak+in+the+Linux+kernel%27s+Thread+Local+Storage+%28TLS%29+implementation+allowing+users+to+bypass+the+espfix+to+obtain+information+that+could+be+used+to+bypass+the+Address+Space+Layout+Randomization+%28ASLR%29+protection+mechanism.+A+local+user+could+exploit+this+flaw+to+obtain+potentially+sensitive+information+from+kernel+memory.+%28CVE-2014-8133%29%0A%0APrasad+J+Pandit+reported+a+flaw+in+the+rock_continue+function+of+the+Linux+kernel%27s+ISO+9660+CDROM+file+system.+A+local+user+could+exploit+this+flaw+to+cause+a+denial+of+service+%28system+crash+or+hang%29.%0A%28CVE-2014-9420%29.%0A%0ANote+that+Tenable+Network+Security+has+extracted+the+preceding+description+block+directly+from+the+Ubuntu+security+advisory.+Tenable+has+attempted+to+automatically+clean+and+format+it+as+much+as+possible+without+introducing+additional+issues
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top