CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
0.4%
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through
3.15.6 allows local users to gain privileges by leveraging data-structure
differences between an l2tp socket and an inet socket.
Author | Note |
---|---|
jdstrand | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | linux | < 2.6.32-64.128 | UNKNOWN |
ubuntu | 12.04 | noarch | linux | < 3.2.0-67.101 | UNKNOWN |
ubuntu | 13.10 | noarch | linux | < 3.11.0-26.45 | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < 3.13.0-32.57 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-armadaxp | < 3.2.0-1636.53 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-ec2 | < 2.6.32-368.84 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-quantal | < 3.5.0-54.81~precise1 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-raring | < 3.8.0-44.66~precise1 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-saucy | < 3.11.0-26.45~precise1 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-trusty | < 3.13.0-32.57~precise1 | UNKNOWN |
launchpad.net/bugs/cve/CVE-2014-4943
nvd.nist.gov/vuln/detail/CVE-2014-4943
security-tracker.debian.org/tracker/CVE-2014-4943
ubuntu.com/security/notices/USN-2281-1
ubuntu.com/security/notices/USN-2282-1
ubuntu.com/security/notices/USN-2283-1
ubuntu.com/security/notices/USN-2284-1
ubuntu.com/security/notices/USN-2285-1
ubuntu.com/security/notices/USN-2286-1
ubuntu.com/security/notices/USN-2287-1
ubuntu.com/security/notices/USN-2288-1
ubuntu.com/security/notices/USN-2289-1
ubuntu.com/security/notices/USN-2290-1
www.cve.org/CVERecord?id=CVE-2014-4943