Does CVE-2014-0038 affect RHEL?

Solution Verified - Updated -

Issue

  • A vulnerability (CVE-2014-0038) has been discovered in the Linux kernel that could allow a local attacker to write to arbitrary kernel memory. Exploitation of this issue is reported to be fairly trivial with at least one source saying that working exploit code could be written in the next few days.

  • Successful exploitation could lead to the execution of arbitrary code as the root user. To be vulnerable, the kernel must be configured with the CONFIG_X86_X32 option.

  • Reference: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038)

Environment

  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 4
  • Red Hat Enterprise MRG 2

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content