• Salva Peiró
  • Profile
  • Education
  • Publications
  • Projects
  • Archives



CVE-2014-1739: Kernel Infoleak vulnerability in media_enum_entities()

by speiro - Apr 28, 2014 - CVE-2014-1739, security, kernel, infoleak,

Summary

CVE CVE-2014-1739
Author Salva Peiró
Date April 2014 - Discovery of the vulnerability.
Impact The vulnerability discloses 200 bytes of kernel process stack.
Affected Versions From linux-2.6.38 to linux-3.15-rc3
Bug Timespan 3 years: 2011-03-23 to 2014-04-29 commit 1651333b

Description

During a code review of the kernel sources we found an infoleak vulnerability in the ioctl media_enum_entities() that allows to disclose 200 bytes the kernel process' stack. The vulnerability is exploitable on versions up to linux-3.15-rc3 by local users with read access to /dev/media0. Linux distributions ship with chmod …

more ...

Page 1 / 1

  Categories

  • CVEs
  • Infoleaks
  • Learning
  • Techniques

  Activity

  • SPADV-2018-01
  • CVE-2016-3178
  • CVE-2015-7885
  • CVE-2015-7884
  • CVE-2014-1739
  • CVE-2014-1446
  • CVE-2014-1445

  Contact

  • Linkedin
  • ResearchGate
  • Atom feed