2.1

CVE-2014-0181

EPSS 0.03%
Veröffentlicht 27.04.2014 00:55:05
Zuletzt bearbeitet 06.05.2026 22:30:45
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 15

NVD 8 VulnDex Vulnerability Enrichment 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 3.14.1

Opensuse ≫ Evergreen Version11.4

Redhat ≫ Enterprise Linux Desktop Version5

Redhat ≫ Enterprise Linux Server Version5.0

Suse ≫ Linux Enterprise Real Time Extension Version11 Updatesp3

Suse ≫ Linux Enterprise Server Version10 Updatesp4 SwEditionltss

Suse ≫ Linux Enterprise Server Version11 Updatesp1 SwEditionltss

Suse ≫ Suse Linux Enterprise Server Version11

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.069

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:P/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html

Third Party Advisory

http://marc.info/?l=linux-netdev&m=139828832919748&w=2

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2014-1959.html

Third Party Advisory

http://www.openwall.com/lists/oss-security/2014/04/23/6

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/04/16/3

https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=90f62cf30a78721641e08737bda787552428061e

Patch

Vendor Advisory

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.45

Vendor Advisory

Release Notes

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.9

Vendor Advisory

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2014-0181

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-0181

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-0181

EUVD