Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2014-0069

Date: February 27, 2014

The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer.

Language: C

Severity Score

Related Resources (12)

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html
https://nvd.nist.gov/vuln/detail/CVE-2014-0069
http://www.openwall.com/lists/oss-security/2014/02/17/4
https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f
https://bugzilla.redhat.com/show_bug.cgi?id=1064253
https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0069
http://article.gmane.org/gmane.linux.kernel.cifs/9401
http://www.securityfocus.com/bid/65588
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5d81de8e8667da7135d3a32a964087c0faf5483f
http://rhn.redhat.com/errata/RHSA-2014-0328.html
https://access.redhat.com/security/cve/CVE-2014-0069
https://www.mend.io/vulnerability-database/CVE-2014-0069

Severity Score

Weakness Type (CWE)

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-119

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

CVSS v2

Base Score:
Access Vector (AV): LOCAL
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): COMPLETE
Integrity (I): COMPLETE
Availability (A): COMPLETE
Additional information:

Do you need more information?

Contact Us