Количество 43
Количество 43
CVE-2014-1738
The raw_cmd_copyout function in drivers/block/floppy.c in the Linux ke ...
ELSA-2014-0786
ELSA-2014-0786: kernel security, bug fix, and enhancement update (IMPORTANT)
SUSE-SU-2015:0652-1
Security update for Kernel
GHSA-949p-32jv-ghmg
The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.
BDU:2014-00111
Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии
BDU:2014-00052
Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к защищаемой информации
CVE-2014-1874
The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.
CVE-2014-1874
The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.
CVE-2014-1874
The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.
CVE-2014-1874
The security_context_to_sid_core function in security/selinux/ss/servi ...
CVE-2014-1737
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. First, raw_cmd_ioctl calls raw_cmd_copyin. This function kmallocs space for a floppy_raw_cmd structure and stores the resulting allocation in the "rcmd" pointer argument. It then attempts to copy_from_user the structure from userspace. If this fails, an early EFAULT return is taken. The problem is that even if the early return is taken, the pointer to the non-/partially-initialized floppy_raw_cmd structure has already been returned via the "rcmd" pointer. Back out in raw_cmd_ioctl, it attempts to raw_cmd_free this pointer. raw_cmd_free attempts to free any DMA pages allocated for the raw command, kfrees the raw command structure itself, and follows the linked list, if any, of further raw com...
CVE-2014-1737
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.
CVE-2014-1737
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.
CVE-2014-1737
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux ker ...
GHSA-284f-hr5w-9657
The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.
GHSA-vmrj-8qgc-5x6c
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.
BDU:2014-00334
Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии
BDU:2014-00110
Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии
BDU:2014-00053
Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к защищаемой информации
BDU:2015-04310
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| CVE-2014-1738 The raw_cmd_copyout function in drivers/block/floppy.c in the Linux ke ... | CVSS2: 2.1 | 0% Низкий | около 11 лет назад |
| ELSA-2014-0786 ELSA-2014-0786: kernel security, bug fix, and enhancement update (IMPORTANT) | около 11 лет назад | ||
 | SUSE-SU-2015:0652-1 Security update for Kernel | больше 13 лет назад | ||
| GHSA-949p-32jv-ghmg The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. | 0% Низкий | около 3 лет назад | |
 | BDU:2014-00111 Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии | CVSS2: 4.9 | 0% Низкий | около 11 лет назад |
| BDU:2014-00052 Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к защищаемой информации | CVSS2: 4.9 | 0% Низкий | около 11 лет назад |
 | CVE-2014-1874 The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context. | CVSS2: 4.9 | 0% Низкий | больше 11 лет назад |
 | CVE-2014-1874 The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context. | CVSS2: 4.4 | 0% Низкий | больше 11 лет назад |
 | CVE-2014-1874 The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context. | CVSS2: 4.9 | 0% Низкий | больше 11 лет назад |
| CVE-2014-1874 The security_context_to_sid_core function in security/selinux/ss/servi ... | CVSS2: 4.9 | 0% Низкий | больше 11 лет назад |
| CVE-2014-1737 The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. First, raw_cmd_ioctl calls raw_cmd_copyin. This function kmallocs space for a floppy_raw_cmd structure and stores the resulting allocation in the "rcmd" pointer argument. It then attempts to copy_from_user the structure from userspace. If this fails, an early EFAULT return is taken. The problem is that even if the early return is taken, the pointer to the non-/partially-initialized floppy_raw_cmd structure has already been returned via the "rcmd" pointer. Back out in raw_cmd_ioctl, it attempts to raw_cmd_free this pointer. raw_cmd_free attempts to free any DMA pages allocated for the raw command, kfrees the raw command structure itself, and follows the linked list, if any, of further raw com... | CVSS2: 7.2 | 0% Низкий | около 11 лет назад |
| CVE-2014-1737 The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. | CVSS2: 6.6 | 0% Низкий | больше 11 лет назад |
| CVE-2014-1737 The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. | CVSS2: 7.2 | 0% Низкий | около 11 лет назад |
| CVE-2014-1737 The raw_cmd_copyin function in drivers/block/floppy.c in the Linux ker ... | CVSS2: 7.2 | 0% Низкий | около 11 лет назад |
| GHSA-284f-hr5w-9657 The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context. | 0% Низкий | около 3 лет назад | |
| GHSA-vmrj-8qgc-5x6c The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. | 0% Низкий | около 3 лет назад | |
| BDU:2014-00334 Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии | CVSS2: 7.2 | 0% Низкий | около 11 лет назад |
| BDU:2014-00110 Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии | CVSS2: 7.2 | 0% Низкий | около 11 лет назад |
| BDU:2014-00053 Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к защищаемой информации | CVSS2: 7.2 | 0% Низкий | около 11 лет назад |
| BDU:2015-04310 Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации | CVSS2: 10 | больше 10 лет назад |
Уязвимостей на страницу