Red Hat Bugzilla – Bug 1060023
CVE-2014-0038 Kernel: 3.4+ arbitrary write with CONFIG_X86_X32
Last modified: 2015-07-31 03:15:34 EDT
Linux kernel(>= version 3.4+) built with the X32 ABI for 64-bit mode support
CONFIG_X86_X32, is vulnerable to an arbitrary write to a user supplied address.
X32 ABI allows 32-bit programs to run on 64-bit machines with all its features,
without using the 64-bit addressing. These programs continue to use 32-bit
memory addressing. The flaw occurs while doing a recvmmsg(2) call.
A user/program could use this flaw to crash the system resulting in DoS or
potentially escalate user privileges to a system.
Not vulnerable. This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.