Lucene search

K

[email protected]NVD:CVE-2014-7145

HistorySep 28, 2014 - 10:55 a.m.

CVE-2014-7145

2014-09-2810:55:10

CWE-399

[email protected]

web.nvd.nist.gov

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.1 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.3%

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.

Affected configurations

NVD

Node

redhatenterprise_linux_desktopMatch7.0

OR

redhatenterprise_linux_hpc_nodeMatch7.0

OR

redhatenterprise_linux_serverMatch7.0

OR

redhatenterprise_linux_workstationMatch7.0

Node

linuxlinux_kernelRange3.6–3.10.55

OR

linuxlinux_kernelRange3.11–3.12.29

OR

linuxlinux_kernelRange3.13–3.14.19

OR

linuxlinux_kernelRange3.15–3.16.3

Node

canonicalubuntu_linuxMatch12.04lts

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=18f39e7be0121317550d03e267e3ebd4dbfbb3ce

rhn.redhat.com/errata/RHSA-2015-0102.html

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3

www.openwall.com/lists/oss-security/2014/09/22/4

www.securityfocus.com/bid/69867

www.ubuntu.com/usn/USN-2394-1

github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.1 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.3%

Related for NVD:CVE-2014-7145

cvelist1 f52 prion1 cve1 debiancve1 ubuntucve1 nessus10 oraclelinux2 openvas8 securityvulns2 centos1 ubuntu2 redhat1 lenovo1