kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 2.6.32 (including) | 3.2.65 (excluding) |
Linux_kernel | Linux | 3.3 (including) | 3.4.106 (excluding) |
Linux_kernel | Linux | 3.5 (including) | 3.10.60 (excluding) |
Linux_kernel | Linux | 3.11 (including) | 3.12.33 (excluding) |
Linux_kernel | Linux | 3.13 (including) | 3.14.24 (excluding) |
Linux_kernel | Linux | 3.15 (including) | 3.16.35 (excluding) |
Linux_kernel | Linux | 3.17 (including) | 3.17.3 (excluding) |