CVE 2014-0038
The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter.
Related bugs and status
CVE-2014-0038 (Candidate) is related to these bugs:
Bug #1268727: AppArmor changehat regression in 3.13.0-2.17-generic
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1268727 | AppArmor changehat regression in 3.13.0-2.17-generic | linux (Ubuntu) | High | Fix Released | ||
1268727 | AppArmor changehat regression in 3.13.0-2.17-generic | linux (Ubuntu Trusty) | High | Fix Released |
Bug #1270215: kernel 3.13.0-4.19~precise1-generic: no internet via ethernet or WiFi
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1270215 | kernel 3.13.0-4.19~precise1-generic: no internet via ethernet or WiFi | linux (Ubuntu) | High | Fix Released | ||
1270215 | kernel 3.13.0-4.19~precise1-generic: no internet via ethernet or WiFi | linux (Ubuntu Precise) | Undecided | Invalid | ||
1270215 | kernel 3.13.0-4.19~precise1-generic: no internet via ethernet or WiFi | linux-lts-trusty (Ubuntu) | Undecided | Invalid | ||
1270215 | kernel 3.13.0-4.19~precise1-generic: no internet via ethernet or WiFi | linux-lts-trusty (Ubuntu Precise) | High | Fix Released |
Bug #1274349: CVE-2014-0038
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1274349 | CVE-2014-0038 | linux (Ubuntu) | Critical | Fix Released | ||
1274349 | CVE-2014-0038 | linux (Ubuntu Saucy) | Critical | Fix Released | ||
1274349 | CVE-2014-0038 | linux (Ubuntu Trusty) | Critical | Fix Released | ||
1274349 | CVE-2014-0038 | linux-lts-saucy (Ubuntu) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-saucy (Ubuntu Saucy) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-saucy (Ubuntu Trusty) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-raring (Ubuntu) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-raring (Ubuntu Saucy) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-raring (Ubuntu Trusty) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux (Ubuntu Precise) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-raring (Ubuntu Precise) | Critical | Fix Released | ||
1274349 | CVE-2014-0038 | linux-lts-saucy (Ubuntu Precise) | Critical | Fix Released | ||
1274349 | CVE-2014-0038 | linux-armadaxp (Ubuntu) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-armadaxp (Ubuntu Precise) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-armadaxp (Ubuntu Saucy) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-armadaxp (Ubuntu Trusty) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-ec2 (Ubuntu) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-ec2 (Ubuntu Precise) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-ec2 (Ubuntu Saucy) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-ec2 (Ubuntu Trusty) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux (Ubuntu Lucid) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-armadaxp (Ubuntu Lucid) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-ec2 (Ubuntu Lucid) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-raring (Ubuntu Lucid) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-saucy (Ubuntu Lucid) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux (Ubuntu Quantal) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-armadaxp (Ubuntu Quantal) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-ec2 (Ubuntu Quantal) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-raring (Ubuntu Quantal) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-saucy (Ubuntu Quantal) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-quantal (Ubuntu) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-quantal (Ubuntu Lucid) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-quantal (Ubuntu Precise) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-quantal (Ubuntu Quantal) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-quantal (Ubuntu Saucy) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-lts-quantal (Ubuntu Trusty) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-mvl-dove (Ubuntu) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-mvl-dove (Ubuntu Lucid) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-mvl-dove (Ubuntu Precise) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-mvl-dove (Ubuntu Quantal) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-mvl-dove (Ubuntu Saucy) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-mvl-dove (Ubuntu Trusty) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-fsl-imx51 (Ubuntu) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-fsl-imx51 (Ubuntu Lucid) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-fsl-imx51 (Ubuntu Precise) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-fsl-imx51 (Ubuntu Quantal) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-fsl-imx51 (Ubuntu Saucy) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-fsl-imx51 (Ubuntu Trusty) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-ti-omap4 (Ubuntu) | Critical | Invalid | ||
1274349 | CVE-2014-0038 | linux-ti-omap4 (Ubuntu Lucid) | Critical | Invalid |
Bug #1276810: linux: 3.13.0-7.26 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1276810 | linux: 3.13.0-7.26 -proposed tracker | linux (Ubuntu) | Medium | Fix Released | ||
1276810 | linux: 3.13.0-7.26 -proposed tracker | linux (Ubuntu Trusty) | Medium | Fix Released | ||
1276810 | linux: 3.13.0-7.26 -proposed tracker | Kernel Development Workflow | Medium | Fix Released | ||
1276810 | linux: 3.13.0-7.26 -proposed tracker | Kernel Development Workflow automated-testing | Medium | Fix Released | ||
1276810 | linux: 3.13.0-7.26 -proposed tracker | Kernel Development Workflow prepare-package | Medium | Fix Released | ||
1276810 | linux: 3.13.0-7.26 -proposed tracker | Kernel Development Workflow prepare-package-meta | Medium | Invalid | ||
1276810 | linux: 3.13.0-7.26 -proposed tracker | Kernel Development Workflow prepare-package-signed | Medium | Fix Released | ||
1276810 | linux: 3.13.0-7.26 -proposed tracker | Kernel Development Workflow promote-to-release | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.