Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-8159HistoryMar 16, 2015 - 10:59 a.m.
CVE-2014-8159
2015-03-1610:59:00
Debian Security Bug Tracker
security-tracker.debian.org
28
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.3%
The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by leveraging permissions on a uverbs device under /dev/infiniband/.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 3.16.7-ckt9-1 | linux_3.16.7-ckt9-1_all.deb |
| Debian | 11 | all | linux | < 3.16.7-ckt9-1 | linux_3.16.7-ckt9-1_all.deb |
| Debian | 10 | all | linux | < 3.16.7-ckt9-1 | linux_3.16.7-ckt9-1_all.deb |
| Debian | 999 | all | linux | < 3.16.7-ckt9-1 | linux_3.16.7-ckt9-1_all.deb |
| Debian | 13 | all | linux | < 3.16.7-ckt9-1 | linux_3.16.7-ckt9-1_all.deb |
Related
nessus
nessus
Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-2527-1)
2015-03-12 00:00:00
RHEL 5 : kernel (RHSA-2015:0919)
2015-05-01 00:00:00
Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerability (USN-2529-1)
2015-03-12 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2525-1)
2015-03-13 00:00:00
Ubuntu: Security Advisory (USN-2526-1)
2015-03-13 00:00:00
Ubuntu: Security Advisory (USN-2527-1)
2015-03-13 00:00:00
redhat
redhat
(RHSA-2015:0919) Important: kernel security update
2015-04-30 00:00:00
(RHSA-2015:0870) Important: kernel security update
2015-04-22 00:00:00
(RHSA-2015:0727) Important: kernel-rt security and bug fix update
2015-03-26 09:17:14
ubuntu
ubuntu
Linux kernel (Trusty HWE) vulnerability
2015-03-12 00:00:00
Linux kernel vulnerability
2015-03-12 00:00:00
Linux kernel vulnerability
2015-03-12 00:00:00
prion
prion
Design/Logic Flaw
2015-03-16 10:59:00
cve
cve
CVE-2014-8159
2015-03-16 10:59:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:05:17
Denial Of Service (DoS)
2019-05-02 05:13:00
securityvulns
securityvulns
[USN-2530-1] Linux kernel vulnerability
2015-03-15 00:00:00
[SECURITY] [DSA 3237-1] linux security update
2015-05-05 00:00:00
Linux kernel multiple security vulnerabilities
2015-03-15 00:00:00
cloudfoundry
cloudfoundry
CVE-2014-8159 - Linux Kernel Infiniband Vulnerability | Cloud Foundry
2015-03-13 00:00:00
USN 3020-1 Linux kernel (Vivid HWE) vulnerabilities | Cloud Foundry
2016-07-01 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2015-04-08 00:00:00
kernel security and bug fix update
2015-03-26 00:00:00
kernel security and bug fix update
2015-05-12 00:00:00
centos
centos
kernel security update
2015-04-07 22:09:26
kernel, perf, python security update
2015-04-01 03:22:51
kernel, perf, python security update
2015-03-12 15:31:30
fedora
fedora
[SECURITY] Fedora 22 Update: kernel-4.0.0-0.rc4.git0.1.fc22
2015-03-22 04:43:08
[SECURITY] Fedora 21 Update: kernel-3.19.1-201.fc21
2015-03-21 05:01:11
[SECURITY] Fedora 21 Update: kernel-3.19.2-201.fc21
2015-03-29 04:31:39
ubuntucve
ubuntucve
CVE-2014-8159
2014-12-31 00:00:00
f5
f5
SOL16478 - Linux kernel vulnerabilities CVE-2014-8159 and CVE-2014-8369
2015-04-22 00:00:00
K16478 : Linux kernel vulnerabilities CVE-2014-8159 and CVE-2014-8369
2015-04-22 00:00:00
suse
suse
Live patch for the Linux Kernel (important)
2015-09-04 12:16:25
Live patch for the Linux Kernel (important)
2015-09-04 12:09:23
Live patch for the Linux Kernel (important)
2015-09-04 12:11:01
mageia
mageia
Updated kernel package fixes security vulnerabilities
2015-05-01 00:57:25
Updated kernel-linus package fixes security vulnerabilities
2015-05-01 00:57:25
Updated kernel-tmb packages fix security vulnerabilities
2015-05-13 18:54:07
debian
debian
[SECURITY] [DSA 3237-1] linux security update
2015-04-26 12:37:13
[SECURITY] [DSA 3237-1] linux security update
2015-04-26 12:37:13
[SECURITY] [DLA 246-1] linux-2.6 security update
2015-06-17 11:25:00
osv
osv
linux - security update
2015-04-26 00:00:00
linux-2.6 - security update
2015-06-17 00:00:00
linux-2.6 - security update
2015-06-17 00:00:00
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.3%
Related for DEBIANCVE:CVE-2014-8159