Wind River Support Network

HomeDefectsLIN5-19944
Fixed

LIN5-19944 : Security Advisory - linux - CVE-2014-8133

Created: Dec 30, 2014    Updated: Dec 19, 2017
Resolved Date: Feb 10, 2015
Found In Version: 5.0.1.22
Fix Version: 5.0.1.24
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Kernel

Description

arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8133

Other Downloads


Live chat
Online