Vulnerability Report

CVE-2014-9322

Title: Redhat Enterprise Linux Eus Auth Bypass

Auth Bypass

Proof Of Concept

PoC Available for CVE-2014-9322

CWE Category CWE-269
Published Date Dec 17, 2014
Modified Date May 06, 2026
Exploit Status Available
Score 7.8 CVSS v3.1
Exploit Probability (EPSS) 5.41%

Vulnerability Summary

CVE-2014-9322: arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

Impacted Vendors

Reference Links

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f442be2fb22be02cafa606f1769fa1e6f894441
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
http://marc.info/?l=bugtraq&m=142722450701342&w=2
http://marc.info/?l=bugtraq&m=142722544401658&w=2
http://osvdb.org/show/osvdb/115919
http://rhn.redhat.com/errata/RHSA-2014-1998.html
http://rhn.redhat.com/errata/RHSA-2014-2008.html
http://rhn.redhat.com/errata/RHSA-2014-2028.html
http://rhn.redhat.com/errata/RHSA-2014-2031.html
http://rhn.redhat.com/errata/RHSA-2015-0009.html
http://secunia.com/advisories/62336
http://source.android.com/security/bulletin/2016-04-02.html
http://www.exploit-db.com/exploits/36266
http://www.openwall.com/lists/oss-security/2014/12/15/6
http://www.ubuntu.com/usn/USN-2491-1
http://www.zerodayinitiative.com/advisories/ZDI-16-170
https://bugzilla.redhat.com/show_bug.cgi?id=1172806
https://github.com/torvalds/linux/commit/6f442be2fb22be02cafa606f1769fa1e6f894441
https://help.joyent.com/entries/98788667-Security-Advisory-ZDI-CAN-3263-ZDI-CAN-3284-and-ZDI-CAN-3364-Vulnerabilities
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.5

CVSS v3.1

Source Entity [email protected]
Severity HIGH
Score 7.8
Attack Vector LOCAL
Complexity LOW
Privileges N/A
Interaction NONE
Confidentiality N/A
Integrity N/A
Availability N/A
Scope UNCHANGED
RAW VECTOR CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0

Source Entity [email protected]
Severity HIGH
Score 7.2
Access Vector N/A
Authentication N/A
RAW VECTOR AV:L/AC:L/Au:N/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2014-9322 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/44205
Exploit-DB https://www.exploit-db.com/exploits/36266
MODIFIED

Vulnerability data updated via NVD.

MODIFIED

Vulnerability data updated via NVD.

MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector LOCAL
Complexity LOW
Privileges N/A
Interaction NONE
CVSS Vector String CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Stack

No specific products linked.