Lutomirski had recently reported CVE-2014-9090, which was caused by improper handling of faults associated with the Stack Segment (SS) register on the x86 architecture. After notification of CVE-2014-9090, Borislav Petkov pointed out to Lutomirski some further flaws that existed even after that vulnerability. After research, Lutomirski discovered that there were two bugs in the handling of the Stack Segment (SS) register.

The new kernel vulnerability is now identified as CVE-2014-9322 and allows a potential hacker to gain privilege escalation on all x86_64 systems. Lutomirski has stated that the fix which was released for CVE-2014-9090 also patches CVE-2014-9322.

While the National Vulnerability Database maintained by NIST has assigned a base score of 7.2 to this Linux kernel privilege escalation vulnerability, Red Hat has rated this bug as “important.” The vulnerability affects Red Hat Enterprise Linux 4, 5, 6, and 7, and Red Hat Enterprise MRG 2. A kernel package update addressing the flaw was released on Thursday and can be downloaded here.

Lutomirski added that, “This is likely to be easy to exploit for privilege escalation, except on systems with SMAP or UDEREF. On those systems, assuming that the mitigation works correctly, the impact of this bug may be limited to massive memory corruption and an eventual crash or reboot.”

In a separate advisory, Red Hat has dismissed the ‘Grinch’ vulnerability in Linux, which was notified by Alert Logic earlier. The ‘Grinch’ vulnerability was reported by Techworm earlier this week, and many users also commented about it being a false report. Red Hat has stated that ‘Grinch’ is neither a flaw nor a security issue. The obvious fact was pointed out by one commenter, CRPECK, who quoted from the Red Hat website, “give an unauthorized user root access to the system by leveraging “wheel,” a special user group that controls access to the su command and allows one user to operate as if they were another. 
If a user is a member of the ‘wheel’ group, they are authorized by definition. Obviously you shouldn’t give non-trusted users wheel privileges. This is a non-issue.”