Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-7300
HistoryDec 25, 2014 - 9:59 p.m.

CVE-2014-7300

2014-12-2521:59:02
CWE-399
[email protected]
web.nvd.nist.gov
26
cve-2014-7300
gnome shell
screen lock
memory consumption
prtsc requests
linux kernel
oom killer

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.9%

JSON

GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.

Affected configurations

NVD
Node
gnomegnome-shellMatch3.14.0
Node
redhatenterprise_linux_desktopMatch7.0
OR
redhatenterprise_linux_hpc_nodeMatch7.0
OR
redhatenterprise_linux_serverMatch7.0
OR
redhatenterprise_linux_workstationMatch7.0

Related

openvas 5
ubuntucve 1
nvd 1
nessus 7
mageia 1
prion 1
redhat 1
centos 1
fedora 1
debiancve 1
oraclelinux 1
cvelist 1
openvas
openvas
Oracle: Security Advisory (ELSA-2015-0535)
2015-10-06 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0515-1)
2021-04-19 00:00:00
Fedora Update for gnome-shell FEDORA-2014-12690
2014-10-19 00:00:00
ubuntucve
ubuntucve
CVE-2014-7300
2014-12-25 00:00:00
nvd
nvd
CVE-2014-7300
2014-12-25 21:59:02
nessus
nessus
RHEL 7 : GNOME Shell (RHSA-2015:0535)
2015-03-05 00:00:00
Scientific Linux Security Update : GNOME Shell on SL7.x x86_64 (20150305)
2015-03-26 00:00:00
openSUSE Security Update : gnome-settings-daemon (openSUSE-SU-2014:1348-1)
2014-11-04 00:00:00
mageia
mageia
Updated gnome-shell and gnome-settings-daemon packages fix security vulnerability
2014-12-01 20:57:09
prion
prion
Design/Logic Flaw
2014-12-25 21:59:00
redhat
redhat
(RHSA-2015:0535) Low: GNOME Shell security, bug fix, and enhancement update
2015-03-05 00:00:00
centos
centos
clutter, cogl, gnome, mutter security update
2015-03-17 13:27:42
fedora
fedora
[SECURITY] Fedora 20 Update: gnome-shell-3.10.4-9.fc20
2014-10-18 16:58:08
debiancve
debiancve
CVE-2014-7300
2014-12-25 21:59:02
oraclelinux
oraclelinux
GNOME Shell security, bug fix, and enhancement update
2015-03-11 00:00:00
cvelist
cvelist
CVE-2014-7300
2014-12-25 21:00:00

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.9%

JSON
Related for CVE-2014-7300
openvas5ubuntucve1nvd1nessus7mageia1prion1redhat1centos1fedora1debiancve1oraclelinux1cvelist1