CVE-2014-1738

Sažetak

The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.

Reference

http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html
http://www.securityfocus.com/bid/67302
http://secunia.com/advisories/59262
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2145e15e0557a01b9195d1c7199a1b92cb9be81f
http://secunia.com/advisories/59309
http://secunia.com/advisories/59406
http://www.debian.org/security/2014/dsa-2928
https://bugzilla.redhat.com/show_bug.cgi?id=1094299
http://linux.oracle.com/errata/ELSA-2014-0771.html
http://rhn.redhat.com/errata/RHSA-2014-0800.html
http://www.openwall.com/lists/oss-security/2014/05/09/2
http://secunia.com/advisories/59599
http://www.debian.org/security/2014/dsa-2926
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html
https://github.com/torvalds/linux/commit/2145e15e0557a01b9195d1c7199a1b92cb9be81f
http://www.securitytracker.com/id/1030474
http://linux.oracle.com/errata/ELSA-2014-3043.html
http://rhn.redhat.com/errata/RHSA-2014-0801.html

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

07-11-2023 - 02:19

Objavljeno

11-05-2014 - 21:55