CVE-2014-1738

MEDIUM

Description

The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.

ID	Name	Product	Family	Severity
99163	OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW)	Nessus	OracleVM Local Security Checks	critical
83628	SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0832-1)	Nessus	SuSE Local Security Checks	high
83627	SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0773-1)	Nessus	SuSE Local Security Checks	high
83626	SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0772-1)	Nessus	SuSE Local Security Checks	high
81800	Oracle Linux 7 : kernel (ELSA-2015-0290)	Nessus	Oracle Linux Local Security Checks	high
79290	RHEL 5 : kernel (RHSA-2014:0801)	Nessus	Red Hat Local Security Checks	high
79035	RHEL 6 : kernel (RHSA-2014:0900)	Nessus	Red Hat Local Security Checks	high
79032	RHEL 6 : kernel (RHSA-2014:0800)	Nessus	Red Hat Local Security Checks	high
79031	RHEL 5 : kernel (RHSA-2014:0772)	Nessus	Red Hat Local Security Checks	high
77355	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2014-3070)	Nessus	Oracle Linux Local Security Checks	high
76901	RHEL 7 : kernel (RHSA-2014:0786)	Nessus	Red Hat Local Security Checks	high
76738	Oracle Linux 7 : kernel (ELSA-2014-0786)	Nessus	Oracle Linux Local Security Checks	high
76677	RHEL 6 : MRG (RHSA-2014:0557)	Nessus	Red Hat Local Security Checks	high
76295	Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2260-1)	Nessus	Ubuntu Local Security Checks	high
76186	Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3043)	Nessus	Oracle Linux Local Security Checks	high
76185	Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3042)	Nessus	Oracle Linux Local Security Checks	high
76184	Oracle Linux 6 : unbreakable enterprise kernel (ELSA-2014-3041)	Nessus	Oracle Linux Local Security Checks	high
76170	CentOS 6 : kernel (CESA-2014:0771)	Nessus	CentOS Local Security Checks	high
76157	Scientific Linux Security Update : kernel on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
76156	RHEL 6 : kernel (RHSA-2014:0771)	Nessus	Red Hat Local Security Checks	high
76155	Oracle Linux 6 : kernel (ELSA-2014-0771)	Nessus	Oracle Linux Local Security Checks	high
75364	openSUSE Security Update : kernel (openSUSE-SU-2014:0677-1)	Nessus	SuSE Local Security Checks	critical
75363	openSUSE Security Update : kernel (openSUSE-SU-2014:0678-1)	Nessus	SuSE Local Security Checks	critical
74513	Mandriva Linux Security Advisory : kernel (MDVSA-2014:124)	Nessus	Mandriva Local Security Checks	critical
74505	Oracle Linux 5 : kernel (ELSA-2014-0740-1)	Nessus	Oracle Linux Local Security Checks	high
74489	Scientific Linux Security Update : kernel on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
74482	Oracle Linux 5 : kernel (ELSA-2014-0740)	Nessus	Oracle Linux Local Security Checks	high
74471	CentOS 5 : kernel (CESA-2014:0740)	Nessus	CentOS Local Security Checks	high
74458	RHEL 5 : kernel (RHSA-2014:0740)	Nessus	Red Hat Local Security Checks	high
74215	Ubuntu 13.10 : linux vulnerabilities (USN-2228-1)	Nessus	Ubuntu Local Security Checks	critical
74214	Ubuntu 14.04 LTS : linux vulnerabilities (USN-2226-1)	Nessus	Ubuntu Local Security Checks	high
74213	Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2225-1)	Nessus	Ubuntu Local Security Checks	critical
74212	Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2224-1)	Nessus	Ubuntu Local Security Checks	critical
74211	Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2223-1)	Nessus	Ubuntu Local Security Checks	critical
74184	Ubuntu 12.04 LTS : linux vulnerabilities (USN-2221-1)	Nessus	Ubuntu Local Security Checks	critical
74183	Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2220-1)	Nessus	Ubuntu Local Security Checks	high
74182	Ubuntu 10.04 LTS : linux vulnerabilities (USN-2219-1)	Nessus	Ubuntu Local Security Checks	high
74132	Fedora 19 : kernel-3.14.4-100.fc19 (2014-6354)	Nessus	Fedora Local Security Checks	high
74049	Fedora 20 : kernel-3.14.4-200.fc20 (2014-6357)	Nessus	Fedora Local Security Checks	high
74033	SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9233 / 9236 / 9237)	Nessus	SuSE Local Security Checks	high
74027	Debian DSA-2928-1 : linux-2.6 - privilege escalation/denial of service/information leak	Nessus	Debian Local Security Checks	high
73971	Debian DSA-2926-1 : linux - security update	Nessus	Debian Local Security Checks	high

CVE-2014-1738

Description

References

Details

Risk Information

CVSS v2.0