CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
10.1%
The snd_ctl_elem_add function in sound/core/control.c in the ALSA control
implementation in the Linux kernel before 3.15.2 does not check
authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allows local
users to remove kernel controls and cause a denial of service
(use-after-free and system crash) by leveraging /dev/snd/controlCX access
for an ioctl call.
Author | Note |
---|---|
jdstrand | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | linux | < 2.6.32-65.131 | UNKNOWN |
ubuntu | 12.04 | noarch | linux | < 3.2.0-68.102 | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < 3.13.0-35.62 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-armadaxp | < 3.2.0-1637.54 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-ec2 | < 2.6.32-369.85 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-trusty | < 3.13.0-35.62~precise1 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-ti-omap4 | < 3.2.0-1452.72 | UNKNOWN |
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=82262a46627bebb0febcc26664746c25cef08563
www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2
www.openwall.com/lists/oss-security/2014/06/26/6
bugzilla.redhat.com/show_bug.cgi?id=1113445
github.com/torvalds/linux/commit/82262a46627bebb0febcc26664746c25cef08563
launchpad.net/bugs/cve/CVE-2014-4654
nvd.nist.gov/vuln/detail/CVE-2014-4654
security-tracker.debian.org/tracker/CVE-2014-4654
ubuntu.com/security/notices/USN-2332-1
ubuntu.com/security/notices/USN-2333-1
ubuntu.com/security/notices/USN-2334-1
ubuntu.com/security/notices/USN-2335-1
ubuntu.com/security/notices/USN-2336-1
ubuntu.com/security/notices/USN-2337-1
www.cve.org/CVERecord?id=CVE-2014-4654