Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-8159HistoryMar 16, 2015 - 10:59 a.m.
CVE-2014-8159
2015-03-1610:59:01
Debian Security Bug Tracker
security-tracker.debian.org
35
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
10.1%
The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by leveraging permissions on a uverbs device under /dev/infiniband/.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 3.16.7-ckt9-1 | linux_3.16.7-ckt9-1_all.deb |
| Debian | 11 | all | linux | < 3.16.7-ckt9-1 | linux_3.16.7-ckt9-1_all.deb |
| Debian | 999 | all | linux | < 3.16.7-ckt9-1 | linux_3.16.7-ckt9-1_all.deb |
| Debian | 13 | all | linux | < 3.16.7-ckt9-1 | linux_3.16.7-ckt9-1_all.deb |
Related
ubuntu
ubuntu
Linux kernel vulnerability
2015-03-12 00:00:00
Linux kernel vulnerability
2015-03-12 00:00:00
Linux kernel (Trusty HWE) vulnerability
2015-03-12 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2526-1)
2015-03-13 00:00:00
Ubuntu: Security Advisory (USN-2527-1)
2015-03-13 00:00:00
Ubuntu: Security Advisory (USN-2530-1)
2015-03-13 00:00:00
redhat
redhat
(RHSA-2015:0870) Important: kernel security update
2015-04-22 00:00:00
(RHSA-2015:0919) Important: kernel security update
2015-04-30 00:00:00
(RHSA-2015:0726) Important: kernel security and bug fix update
2015-03-26 09:16:32
nessus
nessus
Ubuntu 14.10 : linux vulnerability (USN-2530-1)
2015-03-12 00:00:00
Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerability (USN-2529-1)
2015-03-12 00:00:00
RHEL 5 : kernel (RHSA-2015:0870)
2015-04-23 00:00:00
prion
prion
Design/Logic Flaw
2015-03-16 10:59:00
cve
cve
CVE-2014-8159
2015-03-16 10:59:01
cloudfoundry
cloudfoundry
CVE-2014-8159 - Linux Kernel Infiniband Vulnerability | Cloud Foundry
2015-03-13 00:00:00
USN 3020-1 Linux kernel (Vivid HWE) vulnerabilities | Cloud Foundry
2016-07-01 00:00:00
cvelist
cvelist
CVE-2014-8159
2015-03-16 10:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:05:17
Denial Of Service (DoS)
2019-05-02 05:13:00
nvd
nvd
CVE-2014-8159
2015-03-16 10:59:01
securityvulns
securityvulns
[USN-2530-1] Linux kernel vulnerability
2015-03-15 00:00:00
[SECURITY] [DSA 3237-1] linux security update
2015-05-05 00:00:00
Linux kernel multiple security vulnerabilities
2015-03-15 00:00:00
centos
centos
kernel, perf, python security update
2015-04-01 03:22:51
kernel security update
2015-04-07 22:09:26
kernel, perf, python security update
2015-03-12 15:31:30
oraclelinux
oraclelinux
kernel security and bug fix update
2015-05-12 00:00:00
kernel security and bug fix update
2015-04-08 00:00:00
kernel security and bug fix update
2015-03-26 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: kernel-4.0.0-0.rc4.git0.1.fc22
2015-03-22 04:43:08
[SECURITY] Fedora 21 Update: kernel-3.19.2-201.fc21
2015-03-29 04:31:39
[SECURITY] Fedora 21 Update: kernel-3.19.1-201.fc21
2015-03-21 05:01:11
ubuntucve
ubuntucve
CVE-2014-8159
2014-12-31 00:00:00
f5
f5
K16478 : Linux kernel vulnerabilities CVE-2014-8159 and CVE-2014-8369
2015-04-22 00:00:00
SOL16478 - Linux kernel vulnerabilities CVE-2014-8159 and CVE-2014-8369
2015-04-22 00:00:00
mageia
mageia
Updated kernel package fixes security vulnerabilities
2015-05-01 00:57:25
Updated kernel-linus package fixes security vulnerabilities
2015-05-01 00:57:25
Updated kernel-tmb packages fix security vulnerabilities
2015-05-13 18:54:07
suse
suse
Live patch for the Linux Kernel (important)
2015-09-04 12:09:23
Live patch for the Linux Kernel (important)
2015-09-04 12:16:25
Live patch for the Linux Kernel (important)
2015-09-04 12:11:01
debian
debian
[SECURITY] [DSA 3237-1] linux security update
2015-04-26 12:37:13
[SECURITY] [DSA 3237-1] linux security update
2015-04-26 12:37:13
[SECURITY] [DLA 246-2] linux-2.6 regression update
2015-06-17 19:06:53
osv
osv
linux - security update
2015-04-26 00:00:00
linux-2.6 - security update
2015-06-17 00:00:00
linux-2.6 - security update
2015-06-17 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
10.1%
Related for DEBIANCVE:CVE-2014-8159