CVE-2014-3917CVE-2014-3917

Affected configuration(s):

cpe:/a:redhat:enterprise_mrg:2.0
cpe:/o:linux:linux_kernel:3.14:-
cpe:/o:linux:linux_kernel:3.14:rc1
cpe:/o:linux:linux_kernel:3.14:rc2
cpe:/o:linux:linux_kernel:3.14:rc3
cpe:/o:linux:linux_kernel:3.14:rc4
cpe:/o:linux:linux_kernel:3.14:rc5
cpe:/o:linux:linux_kernel:3.14:rc6
cpe:/o:linux:linux_kernel:3.14:rc7
cpe:/o:linux:linux_kernel:3.14:rc8
cpe:/o:linux:linux_kernel:3.14.1
cpe:/o:linux:linux_kernel:3.14.2
cpe:/o:linux:linux_kernel:3.14.3
cpe:/o:linux:linux_kernel:3.14.4
cpe:/o:linux:linux_kernel:3.14.5
cpe:/o:redhat:enterprise_linux:5
cpe:/o:redhat:enterprise_linux:6
cpe:/o:suse:linux_enterprise_desktop:10.0:sp4:~~lts~~~

Date published: 2014-06-05T13:55:07.307-04:00

Date last modified: 2016-04-01T14:27:25.120-04:00

CVSS Score: 3.3

Principal attack vector: LOCAL

Complexity:  MEDIUM

Reference URL: http://article.gmane.org/gmane.linux.kernel/1713179

Summary: kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.