Stack Segment (SS) Segment Register Denial of Service Vulnerability

Stack Segment (SS) Segment Register Denial of Service Vulnerability

CVE-2014-9090 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.