CVE-2014-4943

2014-07-1600:00:00

ubuntu.com

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through
3.15.6 allows local users to gain privileges by leveraging data-structure
differences between an l2tp socket and an inet socket.

Bugs

<https://launchpad.net/bugs/1341472>

Notes

Author	Note
jdstrand	android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchlinux< 2.6.32-64.128UNKNOWN
ubuntu12.04noarchlinux< 3.2.0-67.101UNKNOWN
ubuntu13.10noarchlinux< 3.11.0-26.45UNKNOWN
ubuntu14.04noarchlinux< 3.13.0-32.57UNKNOWN
ubuntu12.04noarchlinux-armadaxp< 3.2.0-1636.53UNKNOWN
ubuntu10.04noarchlinux-ec2< 2.6.32-368.84UNKNOWN
ubuntu12.04noarchlinux-lts-quantal< 3.5.0-54.81~precise1UNKNOWN
ubuntu12.04noarchlinux-lts-raring< 3.8.0-44.66~precise1UNKNOWN
ubuntu12.04noarchlinux-lts-saucy< 3.11.0-26.45~precise1UNKNOWN
ubuntu12.04noarchlinux-lts-trusty< 3.13.0-32.57~precise1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.04	noarch	linux	< 2.6.32-64.128	UNKNOWN
ubuntu	12.04	noarch	linux	< 3.2.0-67.101	UNKNOWN
ubuntu	13.10	noarch	linux	< 3.11.0-26.45	UNKNOWN
ubuntu	14.04	noarch	linux	< 3.13.0-32.57	UNKNOWN
ubuntu	12.04	noarch	linux-armadaxp	< 3.2.0-1636.53	UNKNOWN
ubuntu	10.04	noarch	linux-ec2	< 2.6.32-368.84	UNKNOWN
ubuntu	12.04	noarch	linux-lts-quantal	< 3.5.0-54.81~precise1	UNKNOWN
ubuntu	12.04	noarch	linux-lts-raring	< 3.8.0-44.66~precise1	UNKNOWN
ubuntu	12.04	noarch	linux-lts-saucy	< 3.11.0-26.45~precise1	UNKNOWN
ubuntu	12.04	noarch	linux-lts-trusty	< 3.13.0-32.57~precise1	UNKNOWN