VDB
CVE-2014-4157
CVE-2014-4157
PUBLISHED
CVSS 4.599999904632568 MEDIUM
arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECCOMP checks on the fast system-call path, which allows local users to bypass intended PR_SET_SECCOMP restrictions by executing a crafted application without invoking a trace or audit subsystem.
EPSS 0.04% · 13.8th percentile
Risk Scores
CVSS v2.0
4.599999904632568
EPSS Score
0.04%
13.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| linux | linux_kernel | 0 |
Timeline
- Jun 23, 2014 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 17, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 1, 2023 EPSS Score
- May 24, 2023 EPSS Score
References
- [oss-security] 20140617 Re: (Linux kernel) Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS mailing-list
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8 url
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=137f7df8cead00688524c82360930845396b8a21 url
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751417 url
- [oss-security] 20140616 Re: Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS mailing-list
- https://github.com/torvalds/linux/commit/137f7df8cead00688524c82360930845396b8a21 url
- https://nvd.nist.gov/vuln/detail/CVE-2014-4157 advisory
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=137f7df8cead00688524c82360930845396b8a21 url