
CVE-2014-3534

Improper Privilege Management

Published: Aug 01, 2014 | Modified: Oct 03, 2023
CVSS 3.x: N/A
Source: NVD
CVSS 2.x: 7.2 HIGH (AV:L/AC:L/Au:N/C:C/I:C/A:C)

arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a crafted application that makes a ptrace system call.

Weakness

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Software

Name | Vendor | Start Version | End Version
Linux_kernel | Linux | * | 3.2.62 (excluding)
Linux_kernel | Linux | 3.3 (including) | 3.4.101 (excluding)
Linux_kernel | Linux | 3.5 (including) | 3.10.51 (excluding)
Linux_kernel | Linux | 3.11 (including) | 3.12.27 (excluding)
Linux_kernel | Linux | 3.13 (including) | 3.14.15 (excluding)
Linux_kernel | Linux | 3.15 (including) | 3.15.8 (excluding)
