Linux kernel futex local privilege escalation (CVE-2014-3153) | oss-sec

oss-sec logo

From: Solar Designer <solar () openwall com>

Date: Thu, 5 Jun 2014 18:45:45 +0400

 

Hi,

This was handled via linux-distros, hence the mandatory oss-security

posting. The issue was made public earlier today, and is included in

this Debian advisory:

https://lists.debian.org/debian-security-announce/2014/msg00130.html

CVE-2014-3153

Pinkie Pie discovered an issue in the futex subsystem that allows a

local user to gain ring 0 control via the futex syscall. An

unprivileged user could use this flaw to crash the kernel (resulting

in denial of service) or for privilege escalation.

via 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht.