7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
0.019 Low
EPSS
Percentile
88.7%
A flaw was discovered in the Linux kernel’s pseudo tty (pty) device. An
unprivileged user could exploit this flaw to cause a denial of service
(system crash) or potentially gain administrator privileges.
(CVE-2014-0196)
Pinkie Pie discovered a flaw in the Linux kernel’s futex subsystem. An
unprivileged local user could exploit this flaw to cause a denial of
service (system crash) or gain administrative privileges. (CVE-2014-3153)
Matthew Daley reported an information leak in the floppy disk driver of the
Linux kernel. An unprivileged local user could exploit this flaw to obtain
potentially sensitive information from kernel memory. (CVE-2014-1738)
Matthew Daley reported a flaw in the handling of ioctl commands by the
floppy disk driver in the Linux kernel. An unprivileged local user could
exploit this flaw to gain administrative privileges if the floppy disk
module is loaded. (CVE-2014-1737)
A flaw was discovered in the handling of network packets when mergeable
buffers are disabled for virtual machines in the Linux kernel. Guest OS
users may exploit this flaw to cause a denial of service (host OS crash) or
possibly gain privilege on the host OS. (CVE-2014-0077)
An information leak was discovered in the netfilter subsystem of the Linux
kernel. An attacker could exploit this flaw to obtain sensitive information
from kernel memory. (CVE-2014-2568)
Török Edwin discovered a flaw with Xen netback driver when used with
Linux configurations that do not allow sleeping in softirq context. A guest
administrator could exploit this flaw to cause a denial of service (system
crash) on the host. (CVE-2014-2580)
A flaw was discovered in the Linux kernel’s ping sockets. An unprivileged
local user could exploit this flaw to cause a denial of service (system
crash) or possibly gain privileges via a crafted application.
(CVE-2014-2851)
Sasha Levin reported a bug in the Linux kernel’s virtual memory management
subsystem. An unprivileged local user could exploit this flaw to cause a
denial of service (system crash). (CVE-2014-3122)
Hannes Frederic Sowa reported a hash collision ordering problem in the xfs
filesystem in the Linux kernel. A local user could exploit this flaw to
cause filesystem corruption and a denial of service (oops or panic).
(CVE-2014-7283)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 12.04 | noarch | linux-image-3.13.0-30-generic | < 3.13.0-30.54~precise2 | UNKNOWN |
Ubuntu | 12.04 | noarch | block-modules-3.13.0-30-generic-di | < 3.13.0-30.54~precise2 | UNKNOWN |
Ubuntu | 12.04 | noarch | crypto-modules-3.13.0-30-generic-di | < 3.13.0-30.54~precise2 | UNKNOWN |
Ubuntu | 12.04 | noarch | fat-modules-3.13.0-30-generic-di | < 3.13.0-30.54~precise2 | UNKNOWN |
Ubuntu | 12.04 | noarch | fb-modules-3.13.0-30-generic-di | < 3.13.0-30.54~precise2 | UNKNOWN |
Ubuntu | 12.04 | noarch | firewire-core-modules-3.13.0-30-generic-di | < 3.13.0-30.54~precise2 | UNKNOWN |
Ubuntu | 12.04 | noarch | floppy-modules-3.13.0-30-generic-di | < 3.13.0-30.54~precise2 | UNKNOWN |
Ubuntu | 12.04 | noarch | fs-core-modules-3.13.0-30-generic-di | < 3.13.0-30.54~precise2 | UNKNOWN |
Ubuntu | 12.04 | noarch | fs-secondary-modules-3.13.0-30-generic-di | < 3.13.0-30.54~precise2 | UNKNOWN |
Ubuntu | 12.04 | noarch | input-modules-3.13.0-30-generic-di | < 3.13.0-30.54~precise2 | UNKNOWN |
ubuntu.com/security/CVE-2014-0077
ubuntu.com/security/CVE-2014-0196
ubuntu.com/security/CVE-2014-1737
ubuntu.com/security/CVE-2014-1738
ubuntu.com/security/CVE-2014-2568
ubuntu.com/security/CVE-2014-2580
ubuntu.com/security/CVE-2014-2851
ubuntu.com/security/CVE-2014-3122
ubuntu.com/security/CVE-2014-3153
ubuntu.com/security/CVE-2014-7283
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
0.019 Low
EPSS
Percentile
88.7%