CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
83.1%
Sasha Levin reported a flaw in the Linux kernel’s point-to-point protocol
(PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user
could exploit this flaw to gain administrative privileges. (CVE-2014-4943)
Michael S. Tsirkin discovered an information leak in the Linux kernel’s
segmentation of skbs when using the zerocopy feature of vhost-net. A local
attacker could exploit this flaw to gain potentially sensitive information
from kernel memory. (CVE-2014-0131)
An flaw was discovered in the Linux kernel’s audit subsystem when auditing
certain syscalls. A local attacker could exploit this flaw to obtain
potentially sensitive single-bit values from kernel memory or cause a
denial of service (OOPS). (CVE-2014-3917)
A flaw was discovered in the Linux kernel’s implementation of user
namespaces with respect to inode permissions. A local user could exploit
this flaw by creating a user namespace to gain administrative privileges.
(CVE-2014-4014)
Don Bailey and Ludvig Strigeus discovered an integer overflow in the Linux
kernel’s implementation of the LZ4 decompression algorithm, when used by
code not complying with API limitations. An attacker could exploit this
flaw to cause a denial of service (memory corruption) or possibly other
unspecified impact. (CVE-2014-4611)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 12.04 | noarch | linux-image-3.11.0-26-generic-lpae | < 3.11.0-26.45~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | block-modules-3.11.0-26-generic-di | < 3.11.0-26.45~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | crypto-modules-3.11.0-26-generic-di | < 3.11.0-26.45~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | fat-modules-3.11.0-26-generic-di | < 3.11.0-26.45~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | fb-modules-3.11.0-26-generic-di | < 3.11.0-26.45~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | firewire-core-modules-3.11.0-26-generic-di | < 3.11.0-26.45~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | floppy-modules-3.11.0-26-generic-di | < 3.11.0-26.45~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | fs-core-modules-3.11.0-26-generic-di | < 3.11.0-26.45~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | fs-secondary-modules-3.11.0-26-generic-di | < 3.11.0-26.45~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | input-modules-3.11.0-26-generic-di | < 3.11.0-26.45~precise1 | UNKNOWN |