CVE-2014-1738

LOW

Description

The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2145e15e0557a01b9195d1c7199a1b92cb9be81f

http://linux.oracle.com/errata/ELSA-2014-0771.html

http://linux.oracle.com/errata/ELSA-2014-3043.html

http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html

http://rhn.redhat.com/errata/RHSA-2014-0800.html

http://rhn.redhat.com/errata/RHSA-2014-0801.html

http://secunia.com/advisories/59262

http://secunia.com/advisories/59309

http://secunia.com/advisories/59406

http://secunia.com/advisories/59599

http://www.debian.org/security/2014/dsa-2926

http://www.debian.org/security/2014/dsa-2928

http://www.openwall.com/lists/oss-security/2014/05/09/2

http://www.securityfocus.com/bid/67302

http://www.securitytracker.com/id/1030474

https://bugzilla.redhat.com/show_bug.cgi?id=1094299

https://github.com/torvalds/linux/commit/2145e15e0557a01b9195d1c7199a1b92cb9be81f

Details

Source: MITRE

Published: 2014-05-11

Updated: 2020-08-21

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 3.14.3 (inclusive)

Configuration 2

OR

cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*

cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*

Tenable Plugins

View all (44 total)

IDNameProductFamilySeverity
124988EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1535)NessusHuawei Local Security Checks
high
124803EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1479)NessusHuawei Local Security Checks
critical
99163OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW)NessusOracleVM Local Security Checks
critical
83628SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0832-1)NessusSuSE Local Security Checks
high
83627SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0773-1)NessusSuSE Local Security Checks
high
83626SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0772-1)NessusSuSE Local Security Checks
high
81800Oracle Linux 7 : kernel (ELSA-2015-0290)NessusOracle Linux Local Security Checks
high
79290RHEL 5 : kernel (RHSA-2014:0801)NessusRed Hat Local Security Checks
high
79035RHEL 6 : kernel (RHSA-2014:0900)NessusRed Hat Local Security Checks
high
79032RHEL 6 : kernel (RHSA-2014:0800)NessusRed Hat Local Security Checks
high
79031RHEL 5 : kernel (RHSA-2014:0772)NessusRed Hat Local Security Checks
high
77355Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2014-3070)NessusOracle Linux Local Security Checks
high
76901RHEL 7 : kernel (RHSA-2014:0786)NessusRed Hat Local Security Checks
high
76738Oracle Linux 7 : kernel (ELSA-2014-0786)NessusOracle Linux Local Security Checks
high
76677RHEL 6 : MRG (RHSA-2014:0557)NessusRed Hat Local Security Checks
high
76295Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2260-1)NessusUbuntu Local Security Checks
high
76186Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3043)NessusOracle Linux Local Security Checks
high
76185Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3042)NessusOracle Linux Local Security Checks
high
76184Oracle Linux 6 : unbreakable enterprise kernel (ELSA-2014-3041)NessusOracle Linux Local Security Checks
high
76170CentOS 6 : kernel (CESA-2014:0771)NessusCentOS Local Security Checks
high
76157Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20140619)NessusScientific Linux Local Security Checks
high
76156RHEL 6 : kernel (RHSA-2014:0771)NessusRed Hat Local Security Checks
high
76155Oracle Linux 6 : kernel (ELSA-2014-0771)NessusOracle Linux Local Security Checks
high
75364openSUSE Security Update : kernel (openSUSE-SU-2014:0677-1)NessusSuSE Local Security Checks
critical
75363openSUSE Security Update : kernel (openSUSE-SU-2014:0678-1)NessusSuSE Local Security Checks
critical
74513Mandriva Linux Security Advisory : kernel (MDVSA-2014:124)NessusMandriva Local Security Checks
critical
74505Oracle Linux 5 : kernel (ELSA-2014-0740-1)NessusOracle Linux Local Security Checks
high
74489Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140610)NessusScientific Linux Local Security Checks
high
74482Oracle Linux 5 : kernel (ELSA-2014-0740)NessusOracle Linux Local Security Checks
high
74471CentOS 5 : kernel (CESA-2014:0740)NessusCentOS Local Security Checks
high
74458RHEL 5 : kernel (RHSA-2014:0740)NessusRed Hat Local Security Checks
high
74215Ubuntu 13.10 : linux vulnerabilities (USN-2228-1)NessusUbuntu Local Security Checks
critical
74214Ubuntu 14.04 LTS : linux vulnerabilities (USN-2226-1)NessusUbuntu Local Security Checks
high
74213Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2225-1)NessusUbuntu Local Security Checks
critical
74212Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2224-1)NessusUbuntu Local Security Checks
critical
74211Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2223-1)NessusUbuntu Local Security Checks
critical
74184Ubuntu 12.04 LTS : linux vulnerabilities (USN-2221-1)NessusUbuntu Local Security Checks
critical
74183Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2220-1)NessusUbuntu Local Security Checks
high
74182Ubuntu 10.04 LTS : linux vulnerabilities (USN-2219-1)NessusUbuntu Local Security Checks
high
74132Fedora 19 : kernel-3.14.4-100.fc19 (2014-6354)NessusFedora Local Security Checks
high
74049Fedora 20 : kernel-3.14.4-200.fc20 (2014-6357)NessusFedora Local Security Checks
high
74033SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9233 / 9236 / 9237)NessusSuSE Local Security Checks
high
74027Debian DSA-2928-1 : linux-2.6 - privilege escalation/denial of service/information leakNessusDebian Local Security Checks
high
73971Debian DSA-2926-1 : linux - security updateNessusDebian Local Security Checks
high