CVE-2014-9090

medium

Published 2014-11-30 · Modified 2026-05-06

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

—

CVSS v4 NEW

—

not yet in upstream

VIR risk

4.9

Description

The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.

✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

OS impact

Linux kernel Affected 174 releases

Version	Status	Fixed in
3.2	Affected	—
3.17.2	Affected	—
3.17.1	Affected	—
3.17	Affected	—
3.16.1	Affected	—
3.16.0	Affected	—
3.15.8	Affected	—
3.15.7	Affected	—
3.15.6	Affected	—
3.15.5	Affected	—
3.15.4	Affected	—
3.15.3	Affected	—
3.15.2	Affected	—
3.15.1	Affected	—
3.15	Affected	—
3.14.5	Affected	—
3.14.4	Affected	—
3.14.3	Affected	—
3.14.2	Affected	—
3.14.1	Affected	—
3.14	Affected	—
3.13.11	Affected	—
3.13.10	Affected	—
3.13.9	Affected	—
3.13.8	Affected	—
3.13.7	Affected	—
3.13.6	Affected	—
3.13.5	Affected	—
3.13.4	Affected	—
3.13.3	Affected	—
3.13.2	Affected	—
3.13.1	Affected	—
3.13	Affected	—
3.12.17	Affected	—
3.12.16	Affected	—
3.12.15	Affected	—
3.12.14	Affected	—
3.12.13	Affected	—
3.12.12	Affected	—
3.12.11	Affected	—
3.12.10	Affected	—
3.12.9	Affected	—
3.12.8	Affected	—
3.12.7	Affected	—
3.12.6	Affected	—
3.12.5	Affected	—
3.12.4	Affected	—
3.12.3	Affected	—
3.12.2	Affected	—
3.12.1	Affected	—
3.12	Affected	—
3.11.10	Affected	—
3.11.9	Affected	—
3.11.8	Affected	—
3.11.7	Affected	—
3.11.6	Affected	—
3.11.5	Affected	—
3.11.4	Affected	—
3.11.3	Affected	—
3.11.2	Affected	—
3.11.1	Affected	—
3.11	Affected	—
3.10.29	Affected	—
3.10.28	Affected	—
3.10.27	Affected	—
3.10.26	Affected	—
3.10.25	Affected	—
3.10.24	Affected	—
3.10.23	Affected	—
3.10.22	Affected	—
3.10.21	Affected	—
3.10.20	Affected	—
3.10.19	Affected	—
3.10.18	Affected	—
3.10.17	Affected	—
3.10.16	Affected	—
3.10.15	Affected	—
3.10.14	Affected	—
3.10.13	Affected	—
3.10.12	Affected	—
3.10.11	Affected	—
3.10.10	Affected	—
3.10.9	Affected	—
3.10.8	Affected	—
3.10.7	Affected	—
3.10.6	Affected	—
3.10.5	Affected	—
3.10.4	Affected	—
3.10.3	Affected	—
3.10.2	Affected	—
3.10.1	Affected	—
3.10.0	Affected	—
3.10	Affected	—
3.1.10	Affected	—
3.1.9	Affected	—
3.1.8	Affected	—
3.1.7	Affected	—
3.1.6	Affected	—
3.1.5	Affected	—
3.1.4	Affected	—
3.1.3	Affected	—
3.1.2	Affected	—
3.1.1	Affected	—
3.1	Affected	—
3.0.68	Affected	—
3.0.67	Affected	—
3.0.66	Affected	—
3.0.65	Affected	—
3.0.64	Affected	—
3.0.63	Affected	—
3.0.62	Affected	—
3.0.61	Affected	—
3.0.60	Affected	—
3.0.59	Affected	—
3.0.58	Affected	—
3.0.57	Affected	—
3.0.56	Affected	—
3.0.55	Affected	—
3.0.54	Affected	—
3.0.53	Affected	—
3.0.52	Affected	—
3.0.51	Affected	—
3.0.50	Affected	—
3.0.49	Affected	—
3.0.48	Affected	—
3.0.47	Affected	—
3.0.46	Affected	—
3.0.45	Affected	—
3.0.44	Affected	—
3.0.43	Affected	—
3.0.42	Affected	—
3.0.41	Affected	—
3.0.40	Affected	—
3.0.39	Affected	—
3.0.38	Affected	—
3.0.37	Affected	—
3.0.36	Affected	—
3.0.35	Affected	—
3.0.34	Affected	—
3.0.33	Affected	—
3.0.32	Affected	—
3.0.31	Affected	—
3.0.30	Affected	—
3.0.29	Affected	—
3.0.28	Affected	—
3.0.27	Affected	—
3.0.26	Affected	—
3.0.25	Affected	—
3.0.24	Affected	—
3.0.23	Affected	—
3.0.22	Affected	—
3.0.21	Affected	—
3.0.20	Affected	—
3.0.19	Affected	—
3.0.18	Affected	—
3.0.17	Affected	—
3.0.16	Affected	—
3.0.15	Affected	—
3.0.14	Affected	—
3.0.13	Affected	—
3.0.12	Affected	—
3.0.11	Affected	—
3.0.10	Affected	—
3.0.9	Affected	—
3.0.8	Affected	—
3.0.7	Affected	—
3.0.6	Affected	—
3.0.5	Affected	—
3.0.4	Affected	—
3.0.3	Affected	—
3.0.2	Affected	—
3.0.1	Affected	—
3.0	Affected	—
—	Affected	—

Debian Fixed 5 releases

Version	Status	Fixed in
trixie	Fixed	`3.16.7-ckt2-1`
sid	Fixed	`3.16.7-ckt2-1`
forky	Fixed	`3.16.7-ckt2-1`
bullseye	Fixed	`3.16.7-ckt2-1`
bookworm	Fixed	`3.16.7-ckt2-1`

References

CWEs

CWE-17

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.