3.3
CVE-2014-3917
- EPSS 0.09%
- Veröffentlicht 05.06.2014 17:55:07
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Suse ≫ Linux Enterprise Desktop Version10.0 Updatesp4 SwEditionlts
Redhat ≫ Enterprise Linux Version5
Redhat ≫ Enterprise Linux Version6.0
Redhat ≫ Enterprise Mrg Version2.0
Linux ≫ Linux Kernel Version <= 3.14.5
Linux ≫ Linux Kernel Version3.14 Update-
Linux ≫ Linux Kernel Version3.14 Updaterc1
Linux ≫ Linux Kernel Version3.14 Updaterc2
Linux ≫ Linux Kernel Version3.14 Updaterc3
Linux ≫ Linux Kernel Version3.14 Updaterc4
Linux ≫ Linux Kernel Version3.14 Updaterc5
Linux ≫ Linux Kernel Version3.14 Updaterc6
Linux ≫ Linux Kernel Version3.14 Updaterc7
Linux ≫ Linux Kernel Version3.14 Updaterc8
Linux ≫ Linux Kernel Version3.14.1
Linux ≫ Linux Kernel Version3.14.2
Linux ≫ Linux Kernel Version3.14.3
Linux ≫ Linux Kernel Version3.14.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.263 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 3.4 | 4.9 |
AV:L/AC:M/Au:N/C:P/I:N/A:P
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.