High severity7.8NVD Advisory· Published Dec 17, 2014· Updated May 6, 2026

CVE-2014-9322

Description

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

Affected products

Canonical (company)/Ubuntu Linux
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
Google/Android2 versions
cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <3.2.65
OpenSUSE/Evergreen
cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Eus
cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Server
cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp4:*:*:ltss:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

source.android.com/security/bulletin/2016-04-02.htmlnvdPatchThird Party Advisory
www.openwall.com/lists/oss-security/2014/12/15/6nvdMailing ListPatchThird Party Advisory
bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
github.com/torvalds/linux/commit/6f442be2fb22be02cafa606f1769fa1e6f894441nvdPatchThird Party Advisory
www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.5nvdMailing ListPatchVendor Advisory
www.exploit-db.com/exploits/36266nvdExploitThird Party AdvisoryVDB Entry
lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.htmlnvdMailing ListThird Party Advisory
marc.infonvdMailing ListThird Party Advisory
marc.infonvdMailing ListThird Party Advisory
rhn.redhat.com/errata/RHSA-2014-1998.htmlnvdThird Party Advisory
rhn.redhat.com/errata/RHSA-2014-2008.htmlnvdThird Party Advisory
rhn.redhat.com/errata/RHSA-2014-2028.htmlnvdThird Party Advisory
rhn.redhat.com/errata/RHSA-2014-2031.htmlnvdThird Party Advisory
rhn.redhat.com/errata/RHSA-2015-0009.htmlnvdThird Party Advisory
www.ubuntu.com/usn/USN-2491-1nvdThird Party Advisory
www.zerodayinitiative.com/advisories/ZDI-16-170nvdThird Party AdvisoryVDB Entry
help.joyent.com/entries/98788667-Security-Advisory-ZDI-CAN-3263-ZDI-CAN-3284-and-ZDI-CAN-3364-VulnerabilitiesnvdPermissions RequiredThird Party Advisory
osvdb.org/show/osvdb/115919nvdBroken Link
secunia.com/advisories/62336nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000