CVE-2014-9322 Vulnerability Info for Red Hat and CentOS

Reading Time: < 1 minute

A vulnerability found in the Linux kernel, specifically a flaw in fault handling associated with the Stack Segment (SS), allows an unprivileged user to potentially gain privileges. CentOS 4, CentOS 5, CentOS 6, and CentOS 7 are potentially affected, thus we want to highlight the following information.

To verify your kernel has at least downloaded the patch you can run the following command on your server:

rpm -q --changelog kernel | grep CVE-2014-9322

If your server has the patch, then you should receive the following response:

– [x86] traps: stop using IST for #SS (Petr Matousek) [1172812 1172813] {CVE-2014-9322}

Be sure to reboot your server after the patch is installed.

We also have tutorials on How To Update the Kernel in CentOS / Red Hat and How To Check the Kernel Version in Linux / Ubuntu / CentOS.

The National Vulnerability Database describes the issue as follows:

The Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

Further information on CVE-2014-9322 is available from the NIST NVD and Red Hat.

About the Author: J. Mays

As a previous contributor, JMays shares his insight with our Knowledge Base center. In our Knowledge Base, you'll be able to find how-to articles on Ubuntu, CentOS, Fedora and much more!

Have Some Questions?

Our Sales and Support teams are available 24 hours by phone or e-mail to assist.

1.800.580.4985
1.517.322.0434

Latest Articles

Cloning an Existing Virtual Machine with VMware

Read Article

Podman vs Docker: A Comparison

Read Article

Five Steps to Create a Robots.txt File for Your Website

Read Article

Premium Business Email Pricing FAQ

Read Article

Microsoft Exchange Server Security Update

Read Article