Lucene search

[email protected]CVE-2014-1690

HistoryFeb 28, 2014 - 6:18 a.m.

CVE-2014-1690

2014-02-2806:18:54

CWE-200

[email protected]

web.nvd.nist.gov

cve-2014-1690

linux kernel

netfilter

nf_nat_irc

irc

dcc

nat mangle

information security

nvd

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.6%

JSON

The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature.

Affected configurations

NVD

Node

linuxlinux_kernelRange<3.12.8

Node

canonicalubuntu_linuxMatch12.04esm

canonicalubuntu_linuxMatch13.10

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt3.12.8

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	3.12.8

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2690d97ade05c5325cbf7c72b94b90d265659886

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8

www.openwall.com/lists/oss-security/2014/01/28/3

www.ubuntu.com/usn/USN-2137-1

www.ubuntu.com/usn/USN-2140-1

www.ubuntu.com/usn/USN-2158-1

bugzilla.redhat.com/show_bug.cgi?id=1058748

github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.6%

JSON

Related for CVE-2014-1690

prion2 cvelist1 debiancve1 ubuntucve1 nvd2 cve1 openvas17 ubuntu3 nessus11 securityvulns2 mageia6 veracode6 redhat1 oraclelinux1 suse2