Lucene search

[email protected]CVE-2014-4027

HistoryJun 23, 2014 - 11:21 a.m.

CVE-2014-4027

2014-06-2311:21:18

CWE-200

[email protected]

web.nvd.nist.gov

cve-2014-4027

linux kernel

information disclosure

security vulnerability

nvd

2.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:M/Au:S/C:P/I:N/A:N

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.5%

JSON

The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.

Affected configurations

NVD

Node

linuxlinux_kernelRange<3.14

Node

redhatenterprise_linuxMatch6.0

Node

canonicalubuntu_linuxMatch12.04esm

Node

suselinux_enterprise_desktopMatch11sp3

suselinux_enterprise_high_availability_extensionMatch11sp3

suselinux_enterprise_real_time_extensionMatch11sp3

suselinux_enterprise_serverMatch11sp3-

suselinux_enterprise_serverMatch11sp3vmware

Node

f5big-ip_access_policy_managerRange11.1.0–11.6.0

f5big-ip_access_policy_managerMatch12.0.0

f5big-ip_advanced_firewall_managerRange11.3.0–11.6.0

f5big-ip_advanced_firewall_managerMatch12.0.0

f5big-ip_analyticsRange11.1.0–11.6.0

f5big-ip_analyticsMatch12.0.0

f5big-ip_application_acceleration_managerRange11.4.0–11.6.0

f5big-ip_application_acceleration_managerMatch12.0.0

f5big-ip_application_security_managerRange11.1.0–11.6.0

f5big-ip_application_security_managerMatch12.0.0

f5big-ip_domain_name_systemMatch12.0.0

f5big-ip_edge_gatewayRange11.1.0–11.3.0

f5big-ip_global_traffic_managerRange11.1.0–11.6.0

f5big-ip_link_controllerRange11.1.0–11.6.0

f5big-ip_link_controllerMatch12.0.0

f5big-ip_local_traffic_managerRange11.1.0–11.6.0

f5big-ip_local_traffic_managerMatch12.0.0

f5big-ip_policy_enforcement_managerRange11.3.0–11.6.0

f5big-ip_policy_enforcement_managerMatch12.0.0

f5big-ip_protocol_security_moduleRange11.1.0–11.4.1

f5big-ip_wan_optimization_managerRange11.1.0–11.3.0

f5big-ip_webacceleratorRange11.1.0–11.3.0

f5big-iq_application_delivery_controllerMatch4.5.0

f5big-iq_cloudRange4.0.0–4.5.0

f5big-iq_deviceRange4.2.0–4.5.0

f5big-iq_securityRange4.0.0–4.5.0

f5enterprise_managerRange3.0.0–3.1.1

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt3.14

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	3.14

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc

lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html

lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html

permalink.gmane.org/gmane.linux.scsi.target.devel/6618

secunia.com/advisories/59134

secunia.com/advisories/59777

secunia.com/advisories/60564

secunia.com/advisories/61310

www.openwall.com/lists/oss-security/2014/06/11/1

www.ubuntu.com/usn/USN-2334-1

www.ubuntu.com/usn/USN-2335-1

bugzilla.redhat.com/show_bug.cgi?id=1108744

github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc

support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html

2.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:M/Au:S/C:P/I:N/A:N

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.5%

JSON

Related for CVE-2014-4027

f53 ubuntucve1 prion1 nvd1 debiancve1 cvelist1 nessus21 ubuntu5 openvas14 oraclelinux3 veracode7 redhat2 suse2 securityvulns1 centos1