CVE Vulnerabilities

CVE-2014-8159

Published: Mar 16, 2015 | Modified: Jun 06, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.9 MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
6.2 IMPORTANT
AV:L/AC:H/Au:N/C:C/I:C/A:C
RedHat/V3
Ubuntu
HIGH

The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by leveraging permissions on a uverbs device under /dev/infiniband/.

Affected Software

Name Vendor Start Version End Version
Linux_kernel Linux 2.6.12 (including) 3.2.69 (excluding)
Linux_kernel Linux 3.3 (including) 3.4.108 (excluding)
Linux_kernel Linux 3.5 (including) 3.10.75 (excluding)
Linux_kernel Linux 3.11 (including) 3.12.41 (excluding)
Linux_kernel Linux 3.13 (including) 3.14.39 (excluding)
Linux_kernel Linux 3.15 (including) 3.16.35 (excluding)
Linux_kernel Linux 3.17 (including) 3.18.13 (excluding)
Linux_kernel Linux 3.19 (including) 3.19.5 (excluding)
Linux Ubuntu lucid *
Linux Ubuntu precise *
Linux Ubuntu trusty *
Linux Ubuntu upstream *
Linux Ubuntu utopic *
Linux-2.6 Ubuntu upstream *
Linux-armadaxp Ubuntu precise *
Linux-armadaxp Ubuntu upstream *
Linux-aws Ubuntu upstream *
Linux-ec2 Ubuntu lucid *
Linux-ec2 Ubuntu upstream *
Linux-flo Ubuntu esm-apps/xenial *
Linux-flo Ubuntu trusty *
Linux-flo Ubuntu upstream *
Linux-flo Ubuntu utopic *
Linux-flo Ubuntu vivid *
Linux-flo Ubuntu vivid/stable-phone-overlay *
Linux-flo Ubuntu wily *
Linux-flo Ubuntu xenial *
Linux-flo Ubuntu yakkety *
Linux-fsl-imx51 Ubuntu lucid *
Linux-fsl-imx51 Ubuntu upstream *
Linux-gke Ubuntu upstream *
Linux-goldfish Ubuntu esm-apps/xenial *
Linux-goldfish Ubuntu trusty *
Linux-goldfish Ubuntu upstream *
Linux-goldfish Ubuntu utopic *
Linux-goldfish Ubuntu vivid *
Linux-goldfish Ubuntu wily *
Linux-goldfish Ubuntu xenial *
Linux-goldfish Ubuntu yakkety *
Linux-goldfish Ubuntu zesty *
Linux-grouper Ubuntu trusty *
Linux-grouper Ubuntu upstream *
Linux-grouper Ubuntu utopic *
Linux-hwe Ubuntu upstream *
Linux-hwe-edge Ubuntu upstream *
Linux-linaro-omap Ubuntu precise *
Linux-linaro-omap Ubuntu upstream *
Linux-linaro-shared Ubuntu precise *
Linux-linaro-shared Ubuntu upstream *
Linux-linaro-vexpress Ubuntu precise *
Linux-linaro-vexpress Ubuntu upstream *
Linux-lts-quantal Ubuntu precise *
Linux-lts-quantal Ubuntu upstream *
Linux-lts-raring Ubuntu precise *
Linux-lts-raring Ubuntu precise/esm *
Linux-lts-raring Ubuntu upstream *
Linux-lts-saucy Ubuntu precise *
Linux-lts-saucy Ubuntu upstream *
Linux-lts-trusty Ubuntu precise *
Linux-lts-trusty Ubuntu upstream *
Linux-lts-utopic Ubuntu trusty *
Linux-lts-utopic Ubuntu upstream *
Linux-lts-vivid Ubuntu upstream *
Linux-lts-wily Ubuntu upstream *
Linux-lts-xenial Ubuntu upstream *
Linux-maguro Ubuntu trusty *
Linux-maguro Ubuntu upstream *
Linux-mako Ubuntu esm-apps/xenial *
Linux-mako Ubuntu trusty *
Linux-mako Ubuntu upstream *
Linux-mako Ubuntu utopic *
Linux-mako Ubuntu vivid *
Linux-mako Ubuntu vivid/stable-phone-overlay *
Linux-mako Ubuntu wily *
Linux-mako Ubuntu xenial *
Linux-mako Ubuntu yakkety *
Linux-manta Ubuntu trusty *
Linux-manta Ubuntu upstream *
Linux-manta Ubuntu utopic *
Linux-manta Ubuntu vivid *
Linux-manta Ubuntu wily *
Linux-mvl-dove Ubuntu lucid *
Linux-mvl-dove Ubuntu upstream *
Linux-qcm-msm Ubuntu lucid *
Linux-qcm-msm Ubuntu precise *
Linux-qcm-msm Ubuntu upstream *
Linux-raspi2 Ubuntu upstream *
Linux-raspi2 Ubuntu vivid/ubuntu-core *
Linux-snapdragon Ubuntu upstream *
Linux-ti-omap4 Ubuntu precise *
Linux-ti-omap4 Ubuntu upstream *
Red Hat Enterprise Linux 5 RedHat kernel-0:2.6.18-404.el5 *
Red Hat Enterprise Linux 5.6 Long Life RedHat kernel-0:2.6.18-238.55.1.el5 *
Red Hat Enterprise Linux 5.9 Extended Update Support RedHat kernel-0:2.6.18-348.30.1.el5 *
Red Hat Enterprise Linux 6 RedHat kernel-0:2.6.32-504.12.2.el6 *
Red Hat Enterprise Linux 6.2 Advanced Update Support RedHat kernel-0:2.6.32-220.60.2.el6 *
Red Hat Enterprise Linux 6.4 Advanced Update Support RedHat kernel-0:2.6.32-358.59.1.el6 *
Red Hat Enterprise Linux 6.5 Extended Update Support RedHat kernel-0:2.6.32-431.53.2.el6 *
Red Hat Enterprise Linux 7 RedHat kernel-rt-0:3.10.0-229.1.2.rt56.141.2.el7_1 *
Red Hat Enterprise Linux 7 RedHat kernel-0:3.10.0-229.1.2.ael7b *
Red Hat Enterprise MRG 2 RedHat kernel-rt-1:3.10.0-229.rt56.147.el6rt *

References