Lucene search
HistoryFeb 06, 2015 - 11:59 a.m.
CVE-2014-5332
cve
2014
5332
nvmap
nvidia
tegra
linux kernel
use-after-free
privilege escalation
nvmap_ioc_create
ioctl
race condition
chrome sandbox
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
6.5 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox.
Affected configurations
Node
linuxlinux_kernelMatch3.10
| CPE | Name | Operator | Version |
|---|---|---|---|
| linux:linux_kernel | linux linux kernel | eq | 3.10 |
Related
googleprojectzero
googleprojectzero
Exploiting NVMAP to escape the Chrome sandbox - CVE-2014-5332
2015-01-22 00:00:00
cvelist
cvelist
CVE-2014-5332
2015-02-06 11:00:00
prion
prion
Race condition
2015-02-06 11:59:00
ubuntucve
ubuntucve
CVE-2014-5332
2015-02-06 00:00:00
nvd
nvd
CVE-2014-5332
2015-02-06 11:59:03
debiancve
debiancve
CVE-2014-5332
2015-02-06 11:59:03
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
6.5 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2014-5332