A vulnerability, CVE-2014-4699, has been discovered in the implementation of the ptrace system call. It allows privilege escalation on the system or can cause a kernel panic. The vulnerability manifests only on the x86_64 architecture, and only with some models of Intel processors. The problem has been present since kernel 2.6.17, but the exploitation technique may differ between releases. A working exploit prototype has been published for checking whether a system is vulnerable. Caution: test only in virtual machines.
The problem is caused by a missing validity check on the RIP register in the ptrace API, which under certain circumstances can cause an incorrect return address to be restored when the 'sysret' instruction is used. The vulnerability is already fixed in Linux kernel releases 3.15.4, 3.14.11, 3.4.97 and 3.10.47. Debian, Ubuntu and Arch Linux are among the distributions that have released an update. No information is available for other distributions.
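
A way to triage hosts against the fixed releases listed above, as an added example that is not part of the original article: it classifies a `uname -r` string by version alone. The function names and verdict strings are made up for this example, and treating every series newer than 3.15 as fixed is an assumption (those series descend from the patched mainline).

```python
import platform
import re

# Fixed stable releases as listed in the article: branch -> first fixed patch level.
FIXED = {(3, 4): 97, (3, 10): 47, (3, 14): 11, (3, 15): 4}
FIRST_AFFECTED = (2, 6, 17)        # per the article
NEWEST_LISTED_BRANCH = max(FIXED)  # (3, 15)


def parse_release(release):
    """Turn a `uname -r` string such as '3.14.10-1-amd64' into (3, 14, 10)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError("unrecognised kernel release: %r" % release)
    return tuple(int(g or 0) for g in m.groups())


def assess(release, machine="x86_64"):
    """Classify a kernel by version string alone; returns a short verdict."""
    if machine != "x86_64":
        return "not affected (architecture)"
    ver = parse_release(release)
    if ver < FIRST_AFFECTED:
        return "not affected (predates 2.6.17)"
    branch = ver[:2]
    if branch in FIXED:
        return "fixed" if ver[2] >= FIXED[branch] else "vulnerable by version"
    if branch > NEWEST_LISTED_BRANCH:
        # Assumption: series after 3.15 inherit the fix from mainline.
        return "fixed"
    # Branch not listed in the article, e.g. a distribution kernel with backports.
    return "unknown: check vendor advisory"


if __name__ == "__main__":
    # Constructed sample release strings, followed by the local kernel.
    for sample in ("3.15.3-1-ARCH", "3.10.47", "3.2.60-1+deb7u1", "2.6.16"):
        print("%-20s %s" % (sample, assess(sample)))
    print("%-20s %s" % (platform.release(),
                        assess(platform.release(), platform.machine())))
```

The verdict rests on the version string only: distribution kernels often carry the fix as a backport without changing the upstream version number, and the script does not check whether the CPU is an Intel model.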