Lucene search

PRIOn knowledge basePRION:CVE-2014-1690

HistoryFeb 28, 2014 - 6:18 a.m.

Information disclosure

2014-02-2806:18:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

72.7%

JSON

The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature.

CPENameOperatorVersion
ubuntu_linuxeq13.10
ubuntu_linuxeq12.04
linux_kernellt3.12.8

Name	Operator	Version
ubuntu_linux	eq	13.10
ubuntu_linux	eq	12.04
linux_kernel	lt	3.12.8

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2690d97ade05c5325cbf7c72b94b90d265659886

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8

www.openwall.com/lists/oss-security/2014/01/28/3

www.ubuntu.com/usn/USN-2137-1

www.ubuntu.com/usn/USN-2140-1

www.ubuntu.com/usn/USN-2158-1

bugzilla.redhat.com/show_bug.cgi?id=1058748

github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886

6.3 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

72.7%

JSON

Related for PRION:CVE-2014-1690