Red Hat Bugzilla – Bug 1052914
CVE-2014-1438 kernel: x86: exceptions are not cleared in AMD FXSAVE workaround
Last modified: 2015-08-24 16:06:29 EDT
Linux kernel is found to be vulnerable to a NULL pointer dereference flaw
caused due to inappropriate handling of Floating Point Unit(FPU) exceptions
during task switch at 'emms' instruction. This only affects AMD CPU family
in both i386 & AMD64 modes.
A user/program could use this flaw to kill tasks at random resulting in DoS
or potentially gain root privileges if allowed to map NULL(mmap_min_addr=0)
This issue does not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1053599]
kernel-3.12.8-200.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.12.8-300.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products:
MRG for RHEL-6 v.2
Via RHSA-2014:0439 https://rhn.redhat.com/errata/RHSA-2014-0439.html