Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-1739

Опубликовано: 30 апр. 2014
Источник: redhat
CVSS2: 1.7

Описание

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.

An information leak flaw was found in the way the Linux kernel handled media device enumerate entities IOCTL requests. A local user able to access the /dev/media0 device file could use this flaw to leak kernel memory bytes.

Отчет

This issue does not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise MRG 2realtime-kernelNot affected
Red Hat Enterprise Linux 7kernelFixedRHSA-2014:197109.12.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=1109774Kernel: drivers: media: an information leakage

1.7 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-1739

ubuntu
почти 11 лет назад

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.

nvd логотип

CVE-2014-1739

nvd
почти 11 лет назад

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.

debian логотип

CVE-2014-1739

debian
почти 11 лет назад

The media_device_enum_entities function in drivers/media/media-device. ...

github логотип

GHSA-pqjc-5x4q-33rx

github
около 3 лет назад

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.

oracle-oval логотип

ELSA-2014-3096

oracle-oval
больше 10 лет назад

ELSA-2014-3096: Unbreakable Enterprise kernel security update (IMPORTANT)

1.7 Low

CVSS2