Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2014-9585

Disclosure Date: January 09, 2015
CVE-2014-9585
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • canonical,
  • debian,
  • fedoraproject,
  • linux,
  • opensuse,
  • redhat,
  • suse

Products

  • debian linux 7.0,
  • debian linux 8.0,
  • enterprise linux aus 6.6,
  • enterprise linux desktop 6.0,
  • enterprise linux desktop 7.0,
  • enterprise linux eus 6.6,
  • enterprise linux server 6.0,
  • enterprise linux server 7.0,
  • enterprise linux server aus 7.3,
  • enterprise linux server aus 7.4,
  • enterprise linux server aus 7.6,
  • enterprise linux server aus 7.7,
  • enterprise linux server eus 7.1,
  • enterprise linux server eus 7.2,
  • enterprise linux server eus 7.3,
  • enterprise linux server eus 7.4,
  • enterprise linux server eus 7.5,
  • enterprise linux server eus 7.6,
  • enterprise linux server eus 7.7,
  • enterprise linux server tus 6.6,
  • enterprise linux server tus 7.3,
  • enterprise linux server tus 7.6,
  • enterprise linux server tus 7.7,
  • enterprise linux workstation 6.0,
  • enterprise linux workstation 7.0,
  • evergreen 11.4,
  • fedora 21,
  • linux enterprise desktop 12,
  • linux enterprise real time extension 11,
  • linux enterprise server 11,
  • linux enterprise server 12,
  • linux enterprise software development kit 12,
  • linux enterprise workstation extension 12,
  • linux kernel,
  • opensuse 13.1,
  • ubuntu linux 12.04,
  • ubuntu linux 14.04,
  • ubuntu linux 14.10

References

Canonical
CVE-2014-9585 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585)
BID-71990 (http://www.securityfocus.com/bid/71990)
Advisory
http://git.kernel.org?p=linux/kernel/git/tip/tip.git;a=commit;h=fbe1bf140671619508dfa575d74a185ae53c5dbb
USN-2515-1 (http://www.ubuntu.com/usn/USN-2515-1)
DSA-3170 (http://www.debian.org/security/2015/dsa-3170)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
http://rhn.redhat.com/errata/RHSA-2015-1778.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html
USN-2514-1 (http://www.ubuntu.com/usn/USN-2514-1)
FEDORA-2015-0937 (http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148480.html)
[oss-security] 20150109 Re: PIE bypass using VDSO ASLR weakness - Linux kernel (http://www.openwall.com/lists/oss-security/2015/01/09/8)
USN-2518-1 (http://www.ubuntu.com/usn/USN-2518-1)
http://rhn.redhat.com/errata/RHSA-2015-1787.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
[oss-security] 20141209 PIE bypass using VDSO ASLR weakness (http://www.openwall.com/lists/oss-security/2014/12/09/10)
USN-2517-1 (http://www.ubuntu.com/usn/USN-2517-1)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
USN-2516-1 (http://www.ubuntu.com/usn/USN-2516-1)
USN-2513-1 (http://www.ubuntu.com/usn/USN-2513-1)
http://rhn.redhat.com/errata/RHSA-2015-1081.html
Miscellaneous
http://v0ids3curity.blogspot.in/2014/12/return-to-vdso-using-elf-auxiliary.html
http://git.kernel.org?p=linux/kernel/git/luto/linux.git;a=commit;h=bc3b94c31d65e761ddfe150d02932c65971b74e2

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis