CVE-2014-1738

LOW

Description

The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2145e15e0557a01b9195d1c7199a1b92cb9be81f

http://linux.oracle.com/errata/ELSA-2014-0771.html

http://linux.oracle.com/errata/ELSA-2014-3043.html

http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html

http://rhn.redhat.com/errata/RHSA-2014-0800.html

http://rhn.redhat.com/errata/RHSA-2014-0801.html

http://secunia.com/advisories/59262

http://secunia.com/advisories/59309

http://secunia.com/advisories/59406

http://secunia.com/advisories/59599

http://www.debian.org/security/2014/dsa-2926

http://www.debian.org/security/2014/dsa-2928

http://www.openwall.com/lists/oss-security/2014/05/09/2

http://www.securityfocus.com/bid/67302

http://www.securitytracker.com/id/1030474

https://bugzilla.redhat.com/show_bug.cgi?id=1094299

https://github.com/torvalds/linux/commit/2145e15e0557a01b9195d1c7199a1b92cb9be81f

Details

Source: MITRE

Published: 2014-05-11

Updated: 2020-08-21

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

Vulnerable Software

Tenable Plugins

View all (44 total)

ID	Name	Product	Family	Severity
124988	EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1535)	Nessus	Huawei Local Security Checks	high
124803	EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1479)	Nessus	Huawei Local Security Checks	critical
99163	OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW)	Nessus	OracleVM Local Security Checks	critical
83628	SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0832-1)	Nessus	SuSE Local Security Checks	high
83627	SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0773-1)	Nessus	SuSE Local Security Checks	high
83626	SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0772-1)	Nessus	SuSE Local Security Checks	high
81800	Oracle Linux 7 : kernel (ELSA-2015-0290)	Nessus	Oracle Linux Local Security Checks	high
79290	RHEL 5 : kernel (RHSA-2014:0801)	Nessus	Red Hat Local Security Checks	high
79035	RHEL 6 : kernel (RHSA-2014:0900)	Nessus	Red Hat Local Security Checks	high
79032	RHEL 6 : kernel (RHSA-2014:0800)	Nessus	Red Hat Local Security Checks	high
79031	RHEL 5 : kernel (RHSA-2014:0772)	Nessus	Red Hat Local Security Checks	high
77355	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2014-3070)	Nessus	Oracle Linux Local Security Checks	high
76901	RHEL 7 : kernel (RHSA-2014:0786)	Nessus	Red Hat Local Security Checks	high
76738	Oracle Linux 7 : kernel (ELSA-2014-0786)	Nessus	Oracle Linux Local Security Checks	high
76677	RHEL 6 : MRG (RHSA-2014:0557)	Nessus	Red Hat Local Security Checks	high
76295	Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2260-1)	Nessus	Ubuntu Local Security Checks	high
76186	Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3043)	Nessus	Oracle Linux Local Security Checks	high
76185	Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3042)	Nessus	Oracle Linux Local Security Checks	high
76184	Oracle Linux 6 : unbreakable enterprise kernel (ELSA-2014-3041)	Nessus	Oracle Linux Local Security Checks	high
76170	CentOS 6 : kernel (CESA-2014:0771)	Nessus	CentOS Local Security Checks	high
76157	Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20140619)	Nessus	Scientific Linux Local Security Checks	high
76156	RHEL 6 : kernel (RHSA-2014:0771)	Nessus	Red Hat Local Security Checks	high
76155	Oracle Linux 6 : kernel (ELSA-2014-0771)	Nessus	Oracle Linux Local Security Checks	high
75364	openSUSE Security Update : kernel (openSUSE-SU-2014:0677-1)	Nessus	SuSE Local Security Checks	critical
75363	openSUSE Security Update : kernel (openSUSE-SU-2014:0678-1)	Nessus	SuSE Local Security Checks	critical
74513	Mandriva Linux Security Advisory : kernel (MDVSA-2014:124)	Nessus	Mandriva Local Security Checks	critical
74505	Oracle Linux 5 : kernel (ELSA-2014-0740-1)	Nessus	Oracle Linux Local Security Checks	high
74489	Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140610)	Nessus	Scientific Linux Local Security Checks	high
74482	Oracle Linux 5 : kernel (ELSA-2014-0740)	Nessus	Oracle Linux Local Security Checks	high
74471	CentOS 5 : kernel (CESA-2014:0740)	Nessus	CentOS Local Security Checks	high
74458	RHEL 5 : kernel (RHSA-2014:0740)	Nessus	Red Hat Local Security Checks	high
74215	Ubuntu 13.10 : linux vulnerabilities (USN-2228-1)	Nessus	Ubuntu Local Security Checks	critical
74214	Ubuntu 14.04 LTS : linux vulnerabilities (USN-2226-1)	Nessus	Ubuntu Local Security Checks	high
74213	Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2225-1)	Nessus	Ubuntu Local Security Checks	critical
74212	Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2224-1)	Nessus	Ubuntu Local Security Checks	critical
74211	Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2223-1)	Nessus	Ubuntu Local Security Checks	critical
74184	Ubuntu 12.04 LTS : linux vulnerabilities (USN-2221-1)	Nessus	Ubuntu Local Security Checks	critical
74183	Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2220-1)	Nessus	Ubuntu Local Security Checks	high
74182	Ubuntu 10.04 LTS : linux vulnerabilities (USN-2219-1)	Nessus	Ubuntu Local Security Checks	high
74132	Fedora 19 : kernel-3.14.4-100.fc19 (2014-6354)	Nessus	Fedora Local Security Checks	high
74049	Fedora 20 : kernel-3.14.4-200.fc20 (2014-6357)	Nessus	Fedora Local Security Checks	high
74033	SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9233 / 9236 / 9237)	Nessus	SuSE Local Security Checks	high
74027	Debian DSA-2928-1 : linux-2.6 - privilege escalation/denial of service/information leak	Nessus	Debian Local Security Checks	high
73971	Debian DSA-2926-1 : linux - security update	Nessus	Debian Local Security Checks	high