Announcement Announcement Module
Collapse
No announcement yet.
Denial of Service vulnerability in Linux Kernel " bpf_jit_compile()" Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Denial of Service vulnerability in Linux Kernel " bpf_jit_compile()"

    Denial of Service vulnerability in Linux Kernel " bpf_jit_compile()"


    Severity Rating: Medium

    System Affected

    • Linux kernel prior to 3.1.8

    Overview

    A vulnerability has been reported in Linux Kernel which could be exploited by a local attacker to cause the system kernel to crash leading in denial of service Conditions (DoS) or potentially escalate user privileges on a system to gain root access.

    Description

    The vulnerability exists due to "Off-by-one" error in the bpf_jit_compile() in "arch/x86/net/bpf_jit_comp.c" in the Linux kernel. A local attacker could exploit this vulnerability while BPF JIT is enabled, to gain
    privileges and cause the system kernel to crash resulting in denial of service Conditions (DoS).

    Solution
    Apply appropriate patch as mentioned in the following link
    https://git.kernel.org/cgit/linux/ke...832144c42e67fa

    Vendor Information

    Kernel.org
    http://www.kernel.org

    References

    Redhat
    https://access.redhat.com/security/cve/CVE-2014-2889

    XForce
    http://xforce.iss.net/xforce/xfdb/92684

    Security Focus
    http://www.securityfocus.com/bid/66931/info
Tag Cloud Tag Cloud Module
Collapse
Working...
X