Lucene search

K

[email protected]CVE-2014-1690

HistoryFeb 28, 2014 - 6:18 a.m.

CVE-2014-1690

2014-02-2806:18:00

CWE-200

[email protected]

web.nvd.nist.gov

52

cve-2014-1690

linux kernel

netfilter

nf_nat_irc

irc

dcc

nat mangle

information security

nvd

5.6 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

74.2%

The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature.

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt3.12.8
canonical:ubuntu_linuxcanonical ubuntu linuxeq13.10
canonical:ubuntu_linuxcanonical ubuntu linuxeq12.04

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2690d97ade05c5325cbf7c72b94b90d265659886

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8

www.openwall.com/lists/oss-security/2014/01/28/3

www.ubuntu.com/usn/USN-2137-1

www.ubuntu.com/usn/USN-2140-1

www.ubuntu.com/usn/USN-2158-1

bugzilla.redhat.com/show_bug.cgi?id=1058748

github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886

5.6 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

74.2%

Related for CVE-2014-1690

prion2 ubuntucve1 debiancve1 cve1 openvas17 nessus11 ubuntu3 securityvulns2 mageia6 redhat1 veracode6 oraclelinux1 suse2