Lucene search

K

PRIOn knowledge basePRION:CVE-2014-1737

HistoryMay 11, 2014 - 9:55 p.m.

Input validation

2014-05-1121:55:00

PRIOn knowledge base

www.prio-n.com

12

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.3%

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

CPENameOperatorVersion
debian_linuxeq7.0
debian_linuxeq6.0
linux_kernelge3.13
linux_kernellt3.14.4
linux_kernelge3.11
linux_kernellt3.12.20
linux_kernelge3.5
linux_kernellt3.10.40
linux_kernelge3.3
linux_kernellt3.4.90

Rows per page:

1-10 of 201

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ef87dbe7614341c2e7bfe8d32fcb7028cc97442c

linux.oracle.com/errata/ELSA-2014-0771.html

linux.oracle.com/errata/ELSA-2014-3043.html

lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html

lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html

rhn.redhat.com/errata/RHSA-2014-0800.html

rhn.redhat.com/errata/RHSA-2014-0801.html

secunia.com/advisories/59262

secunia.com/advisories/59309

secunia.com/advisories/59406

secunia.com/advisories/59599

www.debian.org/security/2014/dsa-2926

www.debian.org/security/2014/dsa-2928

www.openwall.com/lists/oss-security/2014/05/09/2

www.securityfocus.com/bid/67300

www.securitytracker.com/id/1030474

bugzilla.redhat.com/show_bug.cgi?id=1094299

github.com/torvalds/linux/commit/ef87dbe7614341c2e7bfe8d32fcb7028cc97442c

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.3%

Related for PRION:CVE-2014-1737

ubuntucve1 cve1 veracode7 debiancve1 redhat9 oraclelinux8 nessus45 securityvulns4 openvas70 centos2 osv2 debian2 suse6 mageia10 ubuntu10 altlinux1 fedora20