3.3
CVE-2014-3917
- EPSS 0.09%
- Published 05.06.2014 17:55:07
- Last modified 12.04.2025 10:46:40
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.
Data is provided by the National Vulnerability Database (NVD)
Suse ≫ Linux Enterprise Desktop Version10.0 Updatesp4 SwEditionlts
Redhat ≫ Enterprise Linux Version5
Redhat ≫ Enterprise Linux Version6.0
Redhat ≫ Enterprise Mrg Version2.0
Linux ≫ Linux Kernel Version <= 3.14.5
Linux ≫ Linux Kernel Version3.14 Update-
Linux ≫ Linux Kernel Version3.14 Updaterc1
Linux ≫ Linux Kernel Version3.14 Updaterc2
Linux ≫ Linux Kernel Version3.14 Updaterc3
Linux ≫ Linux Kernel Version3.14 Updaterc4
Linux ≫ Linux Kernel Version3.14 Updaterc5
Linux ≫ Linux Kernel Version3.14 Updaterc6
Linux ≫ Linux Kernel Version3.14 Updaterc7
Linux ≫ Linux Kernel Version3.14 Updaterc8
Linux ≫ Linux Kernel Version3.14.1
Linux ≫ Linux Kernel Version3.14.2
Linux ≫ Linux Kernel Version3.14.3
Linux ≫ Linux Kernel Version3.14.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.263 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 3.4 | 4.9 |
AV:L/AC:M/Au:N/C:P/I:N/A:P
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.