Wind River Support Network

HomeDefectsLIN7-2558
Fixed

LIN7-2558 : Security Advisory - linux - CVE-2014-8133

Created: Dec 30, 2014    Updated: Sep 8, 2018
Resolved Date: Feb 10, 2015
Found In Version: 7.0
Fix Version: 7.0.0.3
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Kernel

Description

arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8133

Other Downloads


CVEs


Live chat
Online