CVE-2014-4699

6.9

MEDIUM

"Intel Linux Kernel System Call ROP Vulnerability"

Description

The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.

INFO

Published Date :

July 9, 2014, 11:07 a.m.

Last Modified :

Feb. 16, 2024, 8:27 p.m.

Source :

[email protected]

Remotely Exploitable :

No

Impact Score :

10.0

Exploitability Score :

3.4 Public PoC/Exploit Available at Github

CVE-2014-4699 has a 44 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2014-4699 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Linux	linux_kernel
1	Canonical	ubuntu_linux
1	Debian	debian_linux

: Total Affected Vendor : 3 | Products : 3

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2014-4699.

URL	Resource
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a	Broken Link Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-0924.html	Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-3047.html	Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-3048.html	Third Party Advisory
http://openwall.com/lists/oss-security/2014/07/05/4	Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2014/07/08/16	Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2014/07/08/5	Mailing List Third Party Advisory
http://packetstormsecurity.com/files/127573/Linux-Kernel-ptrace-sysret-Local-Privilege-Escalation.html	Exploit Third Party Advisory VDB Entry
http://secunia.com/advisories/59633	Third Party Advisory
http://secunia.com/advisories/59639	Third Party Advisory
http://secunia.com/advisories/59654	Third Party Advisory
http://secunia.com/advisories/60220	Third Party Advisory
http://secunia.com/advisories/60380	Third Party Advisory
http://secunia.com/advisories/60393	Third Party Advisory
http://www.debian.org/security/2014/dsa-2972	Third Party Advisory
http://www.exploit-db.com/exploits/34134	Exploit Third Party Advisory VDB Entry
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.4	Release Notes Vendor Advisory
http://www.openwall.com/lists/oss-security/2014/07/04/4	Mailing List Third Party Advisory
http://www.osvdb.org/108754	Broken Link
http://www.ubuntu.com/usn/USN-2266-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2267-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2268-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2269-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2270-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2271-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2272-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2273-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2274-1	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1115927	Issue Tracking Patch Third Party Advisory
https://github.com/torvalds/linux/commit/b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a	Patch Third Party Advisory
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.47	Release Notes Vendor Advisory
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.11	Release Notes Vendor Advisory
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.97	Release Notes Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

a-roshbaik/Linux-Privilege-Escalation-Exploits

None

C Shell Python Assembly Ruby Makefile Meson

Updated: 4 months ago

0 stars 0 fork 0 watcher

Born at : July 20, 2024, 8:34 p.m. This repo has been linked 91 different CVEs too.

HaxorSecInfec/autoroot.sh

Auto Root / Privilege Escalation Exploit

autoroot privilege privilege-escalation root

Shell

Updated: 3 months, 1 week ago

2 stars 1 fork 1 watcher

Born at : June 11, 2024, 9:57 p.m. This repo has been linked 85 different CVEs too.

hktalent/bug-bounty

bounty collection

Shell Python Dockerfile Ruby JavaScript ASP.NET Classic ASP HTML PHP Jupyter Notebook

Updated: 2 months, 3 weeks ago

26 stars 4 fork 4 watcher

Born at : Sept. 11, 2023, 11:19 a.m. This repo has been linked 234 different CVEs too.

alian87/linux-kernel-exploits

None

C Shell Python Ruby Makefile HTML

Updated: 1 year, 5 months ago

0 stars 0 fork 0 watcher

Born at : June 14, 2023, 7:23 p.m. This repo has been linked 50 different CVEs too.

JlSakuya/Linux-Privilege-Escalation-Exploits

Linux privilege escalation exploits collection.

C Shell Python Assembly Ruby Makefile Meson

Updated: 2 months, 2 weeks ago

88 stars 13 fork 13 watcher

Born at : April 26, 2023, 2:58 p.m. This repo has been linked 91 different CVEs too.

albinjoshy03/linux-kernel-exploits

None

C Shell Python Ruby Makefile HTML

Updated: 1 year, 6 months ago

1 stars 0 fork 0 watcher

Born at : April 26, 2023, 7:11 a.m. This repo has been linked 50 different CVEs too.

ndk06/linux-kernel-exploitation

None

Updated: 2 months, 4 weeks ago

6 stars 0 fork 0 watcher

Born at : Feb. 25, 2023, 10:40 a.m. This repo has been linked 178 different CVEs too.

msecrist-couchbase/smallcb-training-capella

None

Makefile Go Nu Shell C# Java Scala HTML JavaScript CSS

Updated: 1 year, 9 months ago

0 stars 0 fork 0 watcher

Born at : Feb. 3, 2023, 3:40 p.m. This repo has been linked 1 different CVEs too.

ZTK-009/linux-kernel-exploits

None

C Shell Python Ruby Makefile HTML

Updated: 2 years, 7 months ago

0 stars 0 fork 0 watcher

Born at : April 3, 2022, 1:47 p.m. This repo has been linked 49 different CVEs too.

fei9747/LinuxEelvation

None

C Shell Python Ruby Makefile HTML

Updated: 3 years, 1 month ago

0 stars 0 fork 0 watcher

Born at : Oct. 21, 2021, 9:46 a.m. This repo has been linked 56 different CVEs too.

Al1ex/LinuxEelvation

Linux Eelvation(持续更新)

cve-2021-3156 cve-2019-7304 cve-2019-13272 cve-2018-18955 cve-2018-1000001 cve-2018-17182 cve-2017-1000367 cve-2017-1000112 cve-2017-16995 cve-2017-16939 linux-kernel elevation cve-2021-4034 cve-2022-0847

C Shell Python Ruby Makefile HTML

Updated: 2 months, 3 weeks ago

390 stars 92 fork 92 watcher

Born at : March 30, 2021, 7:09 a.m. This repo has been linked 72 different CVEs too.

rakjong/LinuxElevation

Linux Elevation

C Shell Python Ruby Makefile HTML

Updated: 1 year, 9 months ago

2 stars 6 fork 6 watcher

Born at : Dec. 29, 2020, 12:49 a.m. This repo has been linked 56 different CVEs too.

De4dCr0w/Linux-kernel-EoP-exp

Linux kernel EoP exp

C Shell Python Ruby Makefile HTML C++

Updated: 2 months, 2 weeks ago

73 stars 16 fork 16 watcher

Born at : May 13, 2020, 6:28 a.m. This repo has been linked 55 different CVEs too.

kumardineshwar/linux-kernel-exploits

None

C Shell Python Ruby Makefile HTML

Updated: 4 years, 6 months ago

0 stars 0 fork 0 watcher

Born at : May 3, 2020, 2:04 p.m. This repo has been linked 50 different CVEs too.

xfinest/linux-kernel-exploits

None

C Shell Python Ruby Makefile HTML

Updated: 4 years, 9 months ago

0 stars 0 fork 0 watcher

Born at : Feb. 2, 2020, 3:07 p.m. This repo has been linked 50 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2014-4699 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2014-4699 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

CVE Modified by [email protected]

May. 14, 2024

Action	Type	Old Value	New Value

Modified Analysis by [email protected]

Feb. 16, 2024

Action	Type	Old Value	New Value
Changed	Reference Type	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a No Types Assigned	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a Broken Link, Third Party Advisory
Changed	CPE Configuration	OR cpe:2.3:o:linux:linux_kernel::::::::* versions up to (excluding) 3.15.4	OR cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 2.6.17 up to (excluding) 3.2.61 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 3.3 up to (excluding) 3.4.97 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 3.5 up to (excluding) 3.10.47 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 3.11 up to (excluding) 3.12.25 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 3.13 up to (excluding) 3.14.11 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 3.15 up to (excluding) 3.15.4

CVE Modified by [email protected]

Nov. 07, 2023

Action	Type	Old Value	New Value
Added	Reference		MITRE http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a [No types assigned]
Removed	Reference	MITRE http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a

Modified Analysis by [email protected]

Aug. 14, 2020

Action	Type	Old Value	New Value
Changed	Reference Type	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a No Types Assigned	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a Patch, Vendor Advisory
Changed	Reference Type	http://linux.oracle.com/errata/ELSA-2014-0924.html No Types Assigned	http://linux.oracle.com/errata/ELSA-2014-0924.html Third Party Advisory
Changed	Reference Type	http://linux.oracle.com/errata/ELSA-2014-3047.html No Types Assigned	http://linux.oracle.com/errata/ELSA-2014-3047.html Third Party Advisory
Changed	Reference Type	http://linux.oracle.com/errata/ELSA-2014-3048.html No Types Assigned	http://linux.oracle.com/errata/ELSA-2014-3048.html Third Party Advisory
Changed	Reference Type	http://openwall.com/lists/oss-security/2014/07/05/4 No Types Assigned	http://openwall.com/lists/oss-security/2014/07/05/4 Mailing List, Third Party Advisory
Changed	Reference Type	http://openwall.com/lists/oss-security/2014/07/08/16 No Types Assigned	http://openwall.com/lists/oss-security/2014/07/08/16 Mailing List, Third Party Advisory
Changed	Reference Type	http://openwall.com/lists/oss-security/2014/07/08/5 No Types Assigned	http://openwall.com/lists/oss-security/2014/07/08/5 Mailing List, Third Party Advisory
Changed	Reference Type	http://packetstormsecurity.com/files/127573/Linux-Kernel-ptrace-sysret-Local-Privilege-Escalation.html No Types Assigned	http://packetstormsecurity.com/files/127573/Linux-Kernel-ptrace-sysret-Local-Privilege-Escalation.html Exploit, Third Party Advisory, VDB Entry
Changed	Reference Type	http://secunia.com/advisories/59633 No Types Assigned	http://secunia.com/advisories/59633 Third Party Advisory
Changed	Reference Type	http://secunia.com/advisories/59639 No Types Assigned	http://secunia.com/advisories/59639 Third Party Advisory
Changed	Reference Type	http://secunia.com/advisories/59654 No Types Assigned	http://secunia.com/advisories/59654 Third Party Advisory
Changed	Reference Type	http://secunia.com/advisories/60220 No Types Assigned	http://secunia.com/advisories/60220 Third Party Advisory
Changed	Reference Type	http://secunia.com/advisories/60380 No Types Assigned	http://secunia.com/advisories/60380 Third Party Advisory
Changed	Reference Type	http://secunia.com/advisories/60393 No Types Assigned	http://secunia.com/advisories/60393 Third Party Advisory
Changed	Reference Type	http://www.debian.org/security/2014/dsa-2972 No Types Assigned	http://www.debian.org/security/2014/dsa-2972 Third Party Advisory
Changed	Reference Type	http://www.exploit-db.com/exploits/34134 No Types Assigned	http://www.exploit-db.com/exploits/34134 Exploit, Third Party Advisory, VDB Entry
Changed	Reference Type	http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.4 No Types Assigned	http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.4 Release Notes, Vendor Advisory
Changed	Reference Type	http://www.openwall.com/lists/oss-security/2014/07/04/4 No Types Assigned	http://www.openwall.com/lists/oss-security/2014/07/04/4 Mailing List, Third Party Advisory
Changed	Reference Type	http://www.osvdb.org/108754 No Types Assigned	http://www.osvdb.org/108754 Broken Link
Changed	Reference Type	http://www.ubuntu.com/usn/USN-2266-1 No Types Assigned	http://www.ubuntu.com/usn/USN-2266-1 Third Party Advisory
Changed	Reference Type	http://www.ubuntu.com/usn/USN-2267-1 No Types Assigned	http://www.ubuntu.com/usn/USN-2267-1 Third Party Advisory
Changed	Reference Type	http://www.ubuntu.com/usn/USN-2268-1 No Types Assigned	http://www.ubuntu.com/usn/USN-2268-1 Third Party Advisory
Changed	Reference Type	http://www.ubuntu.com/usn/USN-2269-1 No Types Assigned	http://www.ubuntu.com/usn/USN-2269-1 Third Party Advisory
Changed	Reference Type	http://www.ubuntu.com/usn/USN-2270-1 No Types Assigned	http://www.ubuntu.com/usn/USN-2270-1 Third Party Advisory
Changed	Reference Type	http://www.ubuntu.com/usn/USN-2271-1 No Types Assigned	http://www.ubuntu.com/usn/USN-2271-1 Third Party Advisory
Changed	Reference Type	http://www.ubuntu.com/usn/USN-2272-1 No Types Assigned	http://www.ubuntu.com/usn/USN-2272-1 Third Party Advisory
Changed	Reference Type	http://www.ubuntu.com/usn/USN-2273-1 No Types Assigned	http://www.ubuntu.com/usn/USN-2273-1 Third Party Advisory
Changed	Reference Type	http://www.ubuntu.com/usn/USN-2274-1 No Types Assigned	http://www.ubuntu.com/usn/USN-2274-1 Third Party Advisory
Changed	Reference Type	https://bugzilla.redhat.com/show_bug.cgi?id=1115927 No Types Assigned	https://bugzilla.redhat.com/show_bug.cgi?id=1115927 Issue Tracking, Patch, Third Party Advisory
Changed	Reference Type	https://github.com/torvalds/linux/commit/b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a No Types Assigned	https://github.com/torvalds/linux/commit/b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a Patch, Third Party Advisory
Changed	Reference Type	https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.47 No Types Assigned	https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.47 Release Notes, Vendor Advisory
Changed	Reference Type	https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.11 No Types Assigned	https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.11 Release Notes, Vendor Advisory
Changed	Reference Type	https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.97 No Types Assigned	https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.97 Release Notes, Vendor Advisory
Changed	CPE Configuration	OR cpe:2.3:o:linux:linux_kernel:3.0:rc1::::::* cpe:2.3:o:linux:linux_kernel:3.0:rc2::::::* cpe:2.3:o:linux:linux_kernel:3.0:rc3::::::* cpe:2.3:o:linux:linux_kernel:3.0:rc4::::::* cpe:2.3:o:linux:linux_kernel:3.0:rc5::::::* cpe:2.3:o:linux:linux_kernel:3.0:rc6::::::* cpe:2.3:o:linux:linux_kernel:3.0:rc7::::::* cpe:2.3:o:linux:linux_kernel:3.0.1::::::: cpe:2.3:o:linux:linux_kernel:3.0.2::::::: cpe:2.3:o:linux:linux_kernel:3.0.3::::::: cpe:2.3:o:linux:linux_kernel:3.0.4::::::: cpe:2.3:o:linux:linux_kernel:3.0.5::::::: cpe:2.3:o:linux:linux_kernel:3.0.6::::::: cpe:2.3:o:linux:linux_kernel:3.0.7::::::: cpe:2.3:o:linux:linux_kernel:3.0.8::::::: cpe:2.3:o:linux:linux_kernel:3.0.9::::::: cpe:2.3:o:linux:linux_kernel:3.0.10::::::: cpe:2.3:o:linux:linux_kernel:3.0.11::::::: cpe:2.3:o:linux:linux_kernel:3.0.12::::::: cpe:2.3:o:linux:linux_kernel:3.0.13::::::: cpe:2.3:o:linux:linux_kernel:3.0.14::::::: cpe:2.3:o:linux:linux_kernel:3.0.15::::::: cpe:2.3:o:linux:linux_kernel:3.0.16::::::: cpe:2.3:o:linux:linux_kernel:3.0.17::::::: cpe:2.3:o:linux:linux_kernel:3.0.18::::::: cpe:2.3:o:linux:linux_kernel:3.0.19::::::: cpe:2.3:o:linux:linux_kernel:3.0.20::::::: cpe:2.3:o:linux:linux_kernel:3.0.21::::::: cpe:2.3:o:linux:linux_kernel:3.0.22::::::: cpe:2.3:o:linux:linux_kernel:3.0.23::::::: cpe:2.3:o:linux:linux_kernel:3.0.24::::::: cpe:2.3:o:linux:linux_kernel:3.0.25::::::: cpe:2.3:o:linux:linux_kernel:3.0.26::::::: cpe:2.3:o:linux:linux_kernel:3.0.27::::::: cpe:2.3:o:linux:linux_kernel:3.0.28::::::: cpe:2.3:o:linux:linux_kernel:3.0.29::::::: cpe:2.3:o:linux:linux_kernel:3.0.30::::::: cpe:2.3:o:linux:linux_kernel:3.0.31::::::: cpe:2.3:o:linux:linux_kernel:3.0.32::::::: cpe:2.3:o:linux:linux_kernel:3.0.33::::::: cpe:2.3:o:linux:linux_kernel:3.0.34::::::: cpe:2.3:o:linux:linux_kernel:3.0.35::::::: cpe:2.3:o:linux:linux_kernel:3.0.36::::::: cpe:2.3:o:linux:linux_kernel:3.0.37::::::: cpe:2.3:o:linux:linux_kernel:3.0.38::::::: cpe:2.3:o:linux:linux_kernel:3.0.39::::::: cpe:2.3:o:linux:linux_kernel:3.0.40::::::: cpe:2.3:o:linux:linux_kernel:3.0.41::::::: cpe:2.3:o:linux:linux_kernel:3.0.42::::::: cpe:2.3:o:linux:linux_kernel:3.0.43::::::: cpe:2.3:o:linux:linux_kernel:3.0.44::::::: cpe:2.3:o:linux:linux_kernel:3.0.45::::::: cpe:2.3:o:linux:linux_kernel:3.0.46::::::: cpe:2.3:o:linux:linux_kernel:3.0.47::::::: cpe:2.3:o:linux:linux_kernel:3.0.48::::::: cpe:2.3:o:linux:linux_kernel:3.0.49::::::: cpe:2.3:o:linux:linux_kernel:3.0.50::::::: cpe:2.3:o:linux:linux_kernel:3.0.51::::::: cpe:2.3:o:linux:linux_kernel:3.0.52::::::: cpe:2.3:o:linux:linux_kernel:3.0.53::::::: cpe:2.3:o:linux:linux_kernel:3.0.54::::::: cpe:2.3:o:linux:linux_kernel:3.0.55::::::: cpe:2.3:o:linux:linux_kernel:3.0.56::::::: cpe:2.3:o:linux:linux_kernel:3.0.57::::::: cpe:2.3:o:linux:linux_kernel:3.0.58::::::: cpe:2.3:o:linux:linux_kernel:3.0.59::::::: cpe:2.3:o:linux:linux_kernel:3.0.60::::::: cpe:2.3:o:linux:linux_kernel:3.0.61::::::: cpe:2.3:o:linux:linux_kernel:3.0.62::::::: cpe:2.3:o:linux:linux_kernel:3.0.63::::::: cpe:2.3:o:linux:linux_kernel:3.0.64::::::: cpe:2.3:o:linux:linux_kernel:3.0.65::::::: cpe:2.3:o:linux:linux_kernel:3.0.66::::::: cpe:2.3:o:linux:linux_kernel:3.0.67::::::: cpe:2.3:o:linux:linux_kernel:3.0.68::::::: cpe:2.3:o:linux:linux_kernel:3.1::::::: cpe:2.3:o:linux:linux_kernel:3.1:rc1::::::* cpe:2.3:o:linux:linux_kernel:3.1:rc2::::::* cpe:2.3:o:linux:linux_kernel:3.1:rc3::::::* cpe:2.3:o:linux:linux_kernel:3.1:rc4::::::* cpe:2.3:o:linux:linux_kernel:3.1.1::::::: cpe:2.3:o:linux:linux_kernel:3.1.2::::::: cpe:2.3:o:linux:linux_kernel:3.1.3::::::: cpe:2.3:o:linux:linux_kernel:3.1.4::::::: cpe:2.3:o:linux:linux_kernel:3.1.5::::::: cpe:2.3:o:linux:linux_kernel:3.1.6::::::: cpe:2.3:o:linux:linux_kernel:3.1.7::::::: cpe:2.3:o:linux:linux_kernel:3.1.8::::::: cpe:2.3:o:linux:linux_kernel:3.1.9::::::: cpe:2.3:o:linux:linux_kernel:3.1.10::::::: cpe:2.3:o:linux:linux_kernel:3.2::::::: cpe:2.3:o:linux:linux_kernel:3.2:rc2::::::* cpe:2.3:o:linux:linux_kernel:3.2:rc3::::::* cpe:2.3:o:linux:linux_kernel:3.2:rc4::::::* cpe:2.3:o:linux:linux_kernel:3.2:rc5::::::* cpe:2.3:o:linux:linux_kernel:3.2:rc6::::::* cpe:2.3:o:linux:linux_kernel:3.2:rc7::::::* cpe:2.3:o:linux:linux_kernel:3.2.1::::::: cpe:2.3:o:linux:linux_kernel:3.2.2::::::: cpe:2.3:o:linux:linux_kernel:3.2.3::::::: cpe:2.3:o:linux:linux_kernel:3.2.4::::::: cpe:2.3:o:linux:linux_kernel:3.2.5::::::: cpe:2.3:o:linux:linux_kernel:3.2.6::::::: cpe:2.3:o:linux:linux_kernel:3.2.7::::::: cpe:2.3:o:linux:linux_kernel:3.2.8::::::: cpe:2.3:o:linux:linux_kernel:3.2.9::::::: cpe:2.3:o:linux:linux_kernel:3.2.10::::::: cpe:2.3:o:linux:linux_kernel:3.2.11::::::: cpe:2.3:o:linux:linux_kernel:3.2.12::::::: cpe:2.3:o:linux:linux_kernel:3.2.13::::::: cpe:2.3:o:linux:linux_kernel:3.2.14::::::: cpe:2.3:o:linux:linux_kernel:3.2.15::::::: cpe:2.3:o:linux:linux_kernel:3.2.16::::::: cpe:2.3:o:linux:linux_kernel:3.2.17::::::: cpe:2.3:o:linux:linux_kernel:3.2.18::::::: cpe:2.3:o:linux:linux_kernel:3.2.19::::::: cpe:2.3:o:linux:linux_kernel:3.2.20::::::: cpe:2.3:o:linux:linux_kernel:3.2.21::::::: cpe:2.3:o:linux:linux_kernel:3.2.22::::::: cpe:2.3:o:linux:linux_kernel:3.2.23::::::: cpe:2.3:o:linux:linux_kernel:3.2.24::::::: cpe:2.3:o:linux:linux_kernel:3.2.25::::::: cpe:2.3:o:linux:linux_kernel:3.2.26::::::: cpe:2.3:o:linux:linux_kernel:3.2.27::::::: cpe:2.3:o:linux:linux_kernel:3.2.28::::::: cpe:2.3:o:linux:linux_kernel:3.2.29::::::: cpe:2.3:o:linux:linux_kernel:3.2.30::::::: cpe:2.3:o:linux:linux_kernel:3.3::::::: cpe:2.3:o:linux:linux_kernel:3.3:rc1::::::* cpe:2.3:o:linux:linux_kernel:3.3:rc2::::::* cpe:2.3:o:linux:linux_kernel:3.3:rc3::::::* cpe:2.3:o:linux:linux_kernel:3.3:rc4::::::* cpe:2.3:o:linux:linux_kernel:3.3:rc5::::::* cpe:2.3:o:linux:linux_kernel:3.3:rc6::::::* cpe:2.3:o:linux:linux_kernel:3.3:rc7::::::* cpe:2.3:o:linux:linux_kernel:3.3.1::::::: cpe:2.3:o:linux:linux_kernel:3.3.2::::::: cpe:2.3:o:linux:linux_kernel:3.3.3::::::: cpe:2.3:o:linux:linux_kernel:3.3.4::::::: cpe:2.3:o:linux:linux_kernel:3.3.5::::::: cpe:2.3:o:linux:linux_kernel:3.3.6::::::: cpe:2.3:o:linux:linux_kernel:3.3.7::::::: cpe:2.3:o:linux:linux_kernel:3.3.8::::::: cpe:2.3:o:linux:linux_kernel:3.4::::::: cpe:2.3:o:linux:linux_kernel:3.4:rc1::::::* cpe:2.3:o:linux:linux_kernel:3.4:rc2::::::* cpe:2.3:o:linux:linux_kernel:3.4:rc3::::::* cpe:2.3:o:linux:linux_kernel:3.4:rc4::::::* cpe:2.3:o:linux:linux_kernel:3.4:rc5::::::* cpe:2.3:o:linux:linux_kernel:3.4:rc6::::::* cpe:2.3:o:linux:linux_kernel:3.4:rc7::::::* cpe:2.3:o:linux:linux_kernel:3.4.1::::::: cpe:2.3:o:linux:linux_kernel:3.4.2::::::: cpe:2.3:o:linux:linux_kernel:3.4.3::::::: cpe:2.3:o:linux:linux_kernel:3.4.4::::::: cpe:2.3:o:linux:linux_kernel:3.4.5::::::: cpe:2.3:o:linux:linux_kernel:3.4.6::::::: cpe:2.3:o:linux:linux_kernel:3.4.7::::::: cpe:2.3:o:linux:linux_kernel:3.4.8::::::: cpe:2.3:o:linux:linux_kernel:3.4.9::::::: cpe:2.3:o:linux:linux_kernel:3.4.10::::::: cpe:2.3:o:linux:linux_kernel:3.4.11::::::: cpe:2.3:o:linux:linux_kernel:3.4.12::::::: cpe:2.3:o:linux:linux_kernel:3.4.13::::::: cpe:2.3:o:linux:linux_kernel:3.4.14::::::: cpe:2.3:o:linux:linux_kernel:3.4.15::::::: cpe:2.3:o:linux:linux_kernel:3.4.16::::::: cpe:2.3:o:linux:linux_kernel:3.4.17::::::: cpe:2.3:o:linux:linux_kernel:3.4.18::::::: cpe:2.3:o:linux:linux_kernel:3.4.19::::::: cpe:2.3:o:linux:linux_kernel:3.4.20::::::: cpe:2.3:o:linux:linux_kernel:3.4.21::::::: cpe:2.3:o:linux:linux_kernel:3.4.22::::::: cpe:2.3:o:linux:linux_kernel:3.4.23::::::: cpe:2.3:o:linux:linux_kernel:3.4.24::::::: cpe:2.3:o:linux:linux_kernel:3.4.25::::::: cpe:2.3:o:linux:linux_kernel:3.4.26::::::: cpe:2.3:o:linux:linux_kernel:3.4.27::::::: cpe:2.3:o:linux:linux_kernel:3.4.28::::::: cpe:2.3:o:linux:linux_kernel:3.4.29::::::: cpe:2.3:o:linux:linux_kernel:3.4.30::::::: cpe:2.3:o:linux:linux_kernel:3.4.31::::::: cpe:2.3:o:linux:linux_kernel:3.4.32::::::: cpe:2.3:o:linux:linux_kernel:3.4.33::::::: cpe:2.3:o:linux:linux_kernel:3.4.34::::::: cpe:2.3:o:linux:linux_kernel:3.4.35::::::: cpe:2.3:o:linux:linux_kernel:3.4.36::::::: cpe:2.3:o:linux:linux_kernel:3.4.37::::::: cpe:2.3:o:linux:linux_kernel:3.4.38::::::: cpe:2.3:o:linux:linux_kernel:3.4.39::::::: cpe:2.3:o:linux:linux_kernel:3.4.40::::::: cpe:2.3:o:linux:linux_kernel:3.4.41::::::: cpe:2.3:o:linux:linux_kernel:3.4.42::::::: cpe:2.3:o:linux:linux_kernel:3.4.43::::::: cpe:2.3:o:linux:linux_kernel:3.4.44::::::: cpe:2.3:o:linux:linux_kernel:3.4.45::::::: cpe:2.3:o:linux:linux_kernel:3.4.46::::::: cpe:2.3:o:linux:linux_kernel:3.4.47::::::: cpe:2.3:o:linux:linux_kernel:3.4.48::::::: cpe:2.3:o:linux:linux_kernel:3.4.49::::::: cpe:2.3:o:linux:linux_kernel:3.4.50::::::: cpe:2.3:o:linux:linux_kernel:3.4.51::::::: cpe:2.3:o:linux:linux_kernel:3.4.52::::::: cpe:2.3:o:linux:linux_kernel:3.4.53::::::: cpe:2.3:o:linux:linux_kernel:3.4.54::::::: cpe:2.3:o:linux:linux_kernel:3.4.55::::::: cpe:2.3:o:linux:linux_kernel:3.4.56::::::: cpe:2.3:o:linux:linux_kernel:3.4.57::::::: cpe:2.3:o:linux:linux_kernel:3.4.58::::::: cpe:2.3:o:linux:linux_kernel:3.4.59::::::: cpe:2.3:o:linux:linux_kernel:3.4.60::::::: cpe:2.3:o:linux:linux_kernel:3.4.61::::::: cpe:2.3:o:linux:linux_kernel:3.4.62::::::: cpe:2.3:o:linux:linux_kernel:3.4.63::::::: cpe:2.3:o:linux:linux_kernel:3.4.64::::::: cpe:2.3:o:linux:linux_kernel:3.4.65::::::: cpe:2.3:o:linux:linux_kernel:3.4.66::::::: cpe:2.3:o:linux:linux_kernel:3.4.67::::::: cpe:2.3:o:linux:linux_kernel:3.4.68::::::: cpe:2.3:o:linux:linux_kernel:3.4.69::::::: cpe:2.3:o:linux:linux_kernel:3.4.70::::::: cpe:2.3:o:linux:linux_kernel:3.4.71::::::: cpe:2.3:o:linux:linux_kernel:3.4.72::::::: cpe:2.3:o:linux:linux_kernel:3.4.73::::::: cpe:2.3:o:linux:linux_kernel:3.4.74::::::: cpe:2.3:o:linux:linux_kernel:3.4.75::::::: cpe:2.3:o:linux:linux_kernel:3.4.76::::::: cpe:2.3:o:linux:linux_kernel:3.4.77::::::: cpe:2.3:o:linux:linux_kernel:3.4.78::::::: cpe:2.3:o:linux:linux_kernel:3.4.79::::::: cpe:2.3:o:linux:linux_kernel:3.5.1::::::: cpe:2.3:o:linux:linux_kernel:3.5.2::::::: cpe:2.3:o:linux:linux_kernel:3.5.3::::::: cpe:2.3:o:linux:linux_kernel:3.5.4::::::: cpe:2.3:o:linux:linux_kernel:3.5.5::::::: cpe:2.3:o:linux:linux_kernel:3.5.6::::::: cpe:2.3:o:linux:linux_kernel:3.5.7::::::: cpe:2.3:o:linux:linux_kernel:3.6::::::: cpe:2.3:o:linux:linux_kernel:3.6.1::::::: cpe:2.3:o:linux:linux_kernel:3.6.2::::::: cpe:2.3:o:linux:linux_kernel:3.6.3::::::: cpe:2.3:o:linux:linux_kernel:3.6.4::::::: cpe:2.3:o:linux:linux_kernel:3.6.5::::::: cpe:2.3:o:linux:linux_kernel:3.6.6::::::: cpe:2.3:o:linux:linux_kernel:3.6.7::::::: cpe:2.3:o:linux:linux_kernel:3.6.8::::::: cpe:2.3:o:linux:linux_kernel:3.6.9::::::: cpe:2.3:o:linux:linux_kernel:3.6.10::::::: cpe:2.3:o:linux:linux_kernel:3.6.11::::::: cpe:2.3:o:linux:linux_kernel:3.7::::::: cpe:2.3:o:linux:linux_kernel:3.7.1::::::: cpe:2.3:o:linux:linux_kernel:3.7.2::::::: cpe:2.3:o:linux:linux_kernel:3.7.3::::::: cpe:2.3:o:linux:linux_kernel:3.7.4::::::: cpe:2.3:o:linux:linux_kernel:3.7.5::::::: cpe:2.3:o:linux:linux_kernel:3.7.6::::::: cpe:2.3:o:linux:linux_kernel:3.7.7::::::: cpe:2.3:o:linux:linux_kernel:3.7.8::::::: cpe:2.3:o:linux:linux_kernel:3.7.9::::::: cpe:2.3:o:linux:linux_kernel:3.7.10::::::: cpe:2.3:o:linux:linux_kernel:3.8.0::::::: cpe:2.3:o:linux:linux_kernel:3.8.1::::::: cpe:2.3:o:linux:linux_kernel:3.8.2::::::: cpe:2.3:o:linux:linux_kernel:3.8.3::::::: cpe:2.3:o:linux:linux_kernel:3.8.4::::::: cpe:2.3:o:linux:linux_kernel:3.8.5::::::: cpe:2.3:o:linux:linux_kernel:3.8.6::::::: cpe:2.3:o:linux:linux_kernel:3.8.7::::::: cpe:2.3:o:linux:linux_kernel:3.8.8::::::: cpe:2.3:o:linux:linux_kernel:3.8.9::::::: cpe:2.3:o:linux:linux_kernel:3.8.10::::::: cpe:2.3:o:linux:linux_kernel:3.8.11::::::: cpe:2.3:o:linux:linux_kernel:3.8.12::::::: cpe:2.3:o:linux:linux_kernel:3.8.13::::::: cpe:2.3:o:linux:linux_kernel:3.9:rc1::::::* cpe:2.3:o:linux:linux_kernel:3.9:rc2::::::* cpe:2.3:o:linux:linux_kernel:3.9:rc3::::::* cpe:2.3:o:linux:linux_kernel:3.9:rc4::::::* cpe:2.3:o:linux:linux_kernel:3.9:rc5::::::* cpe:2.3:o:linux:linux_kernel:3.9:rc6::::::* cpe:2.3:o:linux:linux_kernel:3.9:rc7::::::* cpe:2.3:o:linux:linux_kernel:3.9.0::::::: cpe:2.3:o:linux:linux_kernel:3.9.1::::::: cpe:2.3:o:linux:linux_kernel:3.9.2::::::: cpe:2.3:o:linux:linux_kernel:3.9.3::::::: cpe:2.3:o:linux:linux_kernel:3.9.4::::::: cpe:2.3:o:linux:linux_kernel:3.9.5::::::: cpe:2.3:o:linux:linux_kernel:3.9.6::::::: cpe:2.3:o:linux:linux_kernel:3.9.7::::::: cpe:2.3:o:linux:linux_kernel:3.9.8::::::: cpe:2.3:o:linux:linux_kernel:3.9.9::::::: cpe:2.3:o:linux:linux_kernel:3.9.10::::::: cpe:2.3:o:linux:linux_kernel:3.9.11::::::: cpe:2.3:o:linux:linux_kernel:3.10::::::: cpe:2.3:o:linux:linux_kernel:3.10.1::::::: cpe:2.3:o:linux:linux_kernel:3.10.2::::::: cpe:2.3:o:linux:linux_kernel:3.10.3::::::: cpe:2.3:o:linux:linux_kernel:3.10.4::::::: cpe:2.3:o:linux:linux_kernel:3.10.5::::::: cpe:2.3:o:linux:linux_kernel:3.10.6::::::: cpe:2.3:o:linux:linux_kernel:3.10.7::::::: cpe:2.3:o:linux:linux_kernel:3.10.8::::::: cpe:2.3:o:linux:linux_kernel:3.10.9::::::: cpe:2.3:o:linux:linux_kernel:3.10.10::::::: cpe:2.3:o:linux:linux_kernel:3.10.11::::::: cpe:2.3:o:linux:linux_kernel:3.10.12::::::: cpe:2.3:o:linux:linux_kernel:3.10.13::::::: cpe:2.3:o:linux:linux_kernel:3.10.14::::::: cpe:2.3:o:linux:linux_kernel:3.10.15::::::: cpe:2.3:o:linux:linux_kernel:3.10.16::::::: cpe:2.3:o:linux:linux_kernel:3.10.17::::::: cpe:2.3:o:linux:linux_kernel:3.10.18::::::: cpe:2.3:o:linux:linux_kernel:3.10.19::::::: cpe:2.3:o:linux:linux_kernel:3.10.20::::::: cpe:2.3:o:linux:linux_kernel:3.10.21::::::: cpe:2.3:o:linux:linux_kernel:3.10.22::::::: cpe:2.3:o:linux:linux_kernel:3.10.23::::::: cpe:2.3:o:linux:linux_kernel:3.10.24::::::: cpe:2.3:o:linux:linux_kernel:3.10.25::::::: cpe:2.3:o:linux:linux_kernel:3.10.26::::::: cpe:2.3:o:linux:linux_kernel:3.10.27::::::: cpe:2.3:o:linux:linux_kernel:3.10.28::::::: cpe:2.3:o:linux:linux_kernel:3.10.29::::::: cpe:2.3:o:linux:linux_kernel:3.11::::::: cpe:2.3:o:linux:linux_kernel:3.11.1::::::: cpe:2.3:o:linux:linux_kernel:3.11.2::::::: cpe:2.3:o:linux:linux_kernel:3.11.3::::::: cpe:2.3:o:linux:linux_kernel:3.11.4::::::: cpe:2.3:o:linux:linux_kernel:3.11.5::::::: cpe:2.3:o:linux:linux_kernel:3.11.6::::::: cpe:2.3:o:linux:linux_kernel:3.11.7::::::: cpe:2.3:o:linux:linux_kernel:3.11.8::::::: cpe:2.3:o:linux:linux_kernel:3.11.9::::::: cpe:2.3:o:linux:linux_kernel:3.11.10::::::: cpe:2.3:o:linux:linux_kernel:3.12::::::: cpe:2.3:o:linux:linux_kernel:3.12.1::::::: cpe:2.3:o:linux:linux_kernel:3.12.2::::::: cpe:2.3:o:linux:linux_kernel:3.12.3::::::: cpe:2.3:o:linux:linux_kernel:3.12.4::::::: cpe:2.3:o:linux:linux_kernel:3.12.5::::::: cpe:2.3:o:linux:linux_kernel:3.12.6::::::: cpe:2.3:o:linux:linux_kernel:3.12.7::::::: cpe:2.3:o:linux:linux_kernel:3.12.8::::::: cpe:2.3:o:linux:linux_kernel:3.12.9::::::: cpe:2.3:o:linux:linux_kernel:3.12.10::::::: cpe:2.3:o:linux:linux_kernel:3.12.11::::::: cpe:2.3:o:linux:linux_kernel:3.12.12::::::: cpe:2.3:o:linux:linux_kernel:3.12.13::::::: cpe:2.3:o:linux:linux_kernel:3.12.14::::::: cpe:2.3:o:linux:linux_kernel:3.12.15::::::: cpe:2.3:o:linux:linux_kernel:3.12.16::::::: cpe:2.3:o:linux:linux_kernel:3.12.17::::::: cpe:2.3:o:linux:linux_kernel:3.13::::::: cpe:2.3:o:linux:linux_kernel:3.13.1::::::: cpe:2.3:o:linux:linux_kernel:3.13.2::::::: cpe:2.3:o:linux:linux_kernel:3.13.3::::::: cpe:2.3:o:linux:linux_kernel:3.13.4::::::: cpe:2.3:o:linux:linux_kernel:3.13.5::::::: cpe:2.3:o:linux:linux_kernel:3.13.6::::::: cpe:2.3:o:linux:linux_kernel:3.13.7::::::: cpe:2.3:o:linux:linux_kernel:3.13.8::::::: cpe:2.3:o:linux:linux_kernel:3.13.9::::::: cpe:2.3:o:linux:linux_kernel:3.13.10::::::: cpe:2.3:o:linux:linux_kernel:3.13.11::::::: cpe:2.3:o:linux:linux_kernel:3.14:-::::::* cpe:2.3:o:linux:linux_kernel:3.14:rc1::::::* cpe:2.3:o:linux:linux_kernel:3.14:rc2::::::* cpe:2.3:o:linux:linux_kernel:3.14:rc3::::::* cpe:2.3:o:linux:linux_kernel:3.14:rc4::::::* cpe:2.3:o:linux:linux_kernel:3.14:rc5::::::* cpe:2.3:o:linux:linux_kernel:3.14:rc6::::::* cpe:2.3:o:linux:linux_kernel:3.14:rc7::::::* cpe:2.3:o:linux:linux_kernel:3.14:rc8::::::* cpe:2.3:o:linux:linux_kernel:3.14.1::::::: cpe:2.3:o:linux:linux_kernel:3.14.2::::::: cpe:2.3:o:linux:linux_kernel:3.14.3::::::: cpe:2.3:o:linux:linux_kernel:3.14.4::::::: cpe:2.3:o:linux:linux_kernel:3.14.5::::::: cpe:2.3:o:linux:linux_kernel:3.14.6::::::: cpe:2.3:o:linux:linux_kernel:3.14.7::::::: cpe:2.3:o:linux:linux_kernel:3.15::::::: cpe:2.3:o:linux:linux_kernel:3.15.1::::::: cpe:2.3:o:linux:linux_kernel:3.15.2::::::: cpe:2.3:o:linux:linux_kernel::::::::* versions up to (including) 3.15.3	OR cpe:2.3:o:linux:linux_kernel::::::::* versions up to (excluding) 3.15.4
Added	CPE Configuration		OR cpe:2.3:o:debian:debian_linux:7.0:::::::
Added	CPE Configuration		OR cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::* cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::* cpe:2.3:o:canonical:ubuntu_linux:13.10::::::: cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::*

Initial Analysis by [email protected]

Jul. 09, 2014

Action	Type	Old Value	New Value

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2014-4699 is associated with the following CWEs:

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2014-4699 weaknesses.

CAPEC-26: Leveraging Race Conditions Leveraging Race Conditions CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions

CVE-2014-4699

"Intel Linux Kernel System Call ROP Vulnerability"

Description

INFO

July 9, 2014, 11:07 a.m.

Feb. 16, 2024, 8:27 p.m.

No

10.0

3.4

Public PoC/Exploit Available at Github

Affected Products

References to Advisories, Solutions, and Tools

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

0.04 }} 0.00%

0.00501

CVSS2 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable