CVE-2014-3917

low
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1102571

http://article.gmane.org/gmane.linux.kernel/1713179

http://www.openwall.com/lists/oss-security/2014/05/29/5

http://secunia.com/advisories/60011

http://secunia.com/advisories/59777

http://secunia.com/advisories/60564

http://rhn.redhat.com/errata/RHSA-2014-1143.html

http://www.ubuntu.com/usn/USN-2334-1

http://www.ubuntu.com/usn/USN-2335-1

http://rhn.redhat.com/errata/RHSA-2014-1281.html

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html

Details

Source: MITRE

Published: 2014-06-05

Updated: 2021-07-15

Type: CWE-200

Risk Information

CVSS v2

Base Score: 3.3

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:P

Impact Score: 4.9

Exploitability Score: 3.4

Severity: LOW

Tenable Plugins

View all (37 total)

IDNameProductFamilySeverity
124981EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1528)NessusHuawei Local Security Checks
high
124804EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1480)NessusHuawei Local Security Checks
high
83723SUSE SLES10 Security Update : kernel (SUSE-SU-2015:0812-1)NessusSuSE Local Security Checks
high
83640SUSE SLES11 Security Update : kernel (SUSE-SU-2014:1138-1)NessusSuSE Local Security Checks
medium
83633SUSE SLES11 Security Update : kernel (SUSE-SU-2014:1105-1)NessusSuSE Local Security Checks
high
81800Oracle Linux 7 : kernel (ELSA-2015-0290)NessusOracle Linux Local Security Checks
high
77806RHEL 7 : kernel (RHSA-2014:1281)NessusRed Hat Local Security Checks
low
77805Oracle Linux 7 : kernel (ELSA-2014-1281)NessusOracle Linux Local Security Checks
low
77781CentOS 7 : kernel (CESA-2014:1281)NessusCentOS Local Security Checks
low
77626RHEL 6 : kernel (RHSA-2014:1167)NessusRed Hat Local Security Checks
high
77625Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3074)NessusOracle Linux Local Security Checks
low
77624Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3073)NessusOracle Linux Local Security Checks
medium
77623Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2014-3072)NessusOracle Linux Local Security Checks
low
77598Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20140909)NessusScientific Linux Local Security Checks
high
77597Oracle Linux 6 : kernel (ELSA-2014-1167)NessusOracle Linux Local Security Checks
high
77584CentOS 6 : kernel (CESA-2014:1167)NessusCentOS Local Security Checks
high
77552Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140903)NessusScientific Linux Local Security Checks
low
77550Oracle Linux 5 : kernel (ELSA-2014-1143)NessusOracle Linux Local Security Checks
low
77549Oracle Linux 5 : kernel (ELSA-2014-1143-1)NessusOracle Linux Local Security Checks
low
77546CentOS 5 : kernel (CESA-2014:1143)NessusCentOS Local Security Checks
low
77518RHEL 5 : kernel (RHSA-2014:1143)NessusRed Hat Local Security Checks
low
77490Ubuntu 12.04 LTS : linux vulnerabilities (USN-2334-1)NessusUbuntu Local Security Checks
high
77199Ubuntu 14.04 LTS : linux vulnerability (USN-2314-1)NessusUbuntu Local Security Checks
low
77198Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-2313-1)NessusUbuntu Local Security Checks
low
77177openSUSE Security Update : kernel (openSUSE-SU-2014:0985-1)NessusSuSE Local Security Checks
high
76988openSUSE Security Update : kernel (openSUSE-SU-2014:0957-1)NessusSuSE Local Security Checks
medium
76696RHEL 6 : kernel-rt (RHSA-2014:0913)NessusRed Hat Local Security Checks
high
76568Ubuntu 13.10 : linux vulnerabilities (USN-2289-1)NessusUbuntu Local Security Checks
high
76566Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2287-1)NessusUbuntu Local Security Checks
high
76565Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2286-1)NessusUbuntu Local Security Checks
high
76564Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2285-1)NessusUbuntu Local Security Checks
high
76562Ubuntu 10.04 LTS : linux vulnerabilities (USN-2282-1)NessusUbuntu Local Security Checks
high
76561Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2281-1)NessusUbuntu Local Security Checks
high
76557SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 9488 / 9491 / 9493)NessusSuSE Local Security Checks
critical
76083Fedora 19 : kernel-3.14.7-100.fc19 (2014-7320)NessusFedora Local Security Checks
high
74513Mandriva Linux Security Advisory : kernel (MDVSA-2014:124)NessusMandriva Local Security Checks
critical
74339Fedora 20 : kernel-3.14.5-200.fc20 (2014-7033)NessusFedora Local Security Checks
low