CVE-2014-2568

kernel: net: potential information leak when ubuf backed skbs are skb_zerocopy()ied

Severity Score

2.9

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Use-after-free vulnerability in the nfqnl_zcopy function in net/netfilter/nfnetlink_queue_core.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. NOTE: the affected code was moved to the skb_zerocopy function in net/core/skbuff.c before the vulnerability was announced.

Vulnerabilidad de uso después de liberación en la función nfqnl_zcopy en net/netfilter/nfnetlink_queue_core.c en el kernel de Linux hasta 3.13.6 permite a atacantes obtener información sensible de la memoria del kernel mediante el aprovechamiento de la ausencia de cierta operación huérfana. NOTA: el código afectado fue trasladado a la función skb_zerocopy en net/core/skbuff.c antes de que la vulnerabilidad fue anunciada.

*Credits: N/A

CVSS Scores

NISTv2 2.9

Attack Vector

Adjacent

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-03-20 CVE Reserved
2014-03-24 CVE Published
2024-03-22 EPSS Updated
2024-08-06 CVE Updated
2024-08-06 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-416: Use After Free

CAPEC

References (9)

URL	Tag	Source
http://seclists.org/oss-sec/2014/q1/627	Mailing List
http://secunia.com/advisories/59599	Broken Link
http://www.securityfocus.com/bid/66348	Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/91922	Third Party Advisory

URL	Date	SRC
https://lkml.org/lkml/2014/3/20/421	2024-08-06

URL	Date	SRC
http://www.openwall.com/lists/oss-security/2014/03/20/16	2019-05-10

URL	Date	SRC
http://www.ubuntu.com/usn/USN-2240-1	2019-05-10
https://bugzilla.redhat.com/show_bug.cgi?id=1079012	2014-06-24
https://access.redhat.com/security/cve/CVE-2014-2568	2014-06-24

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.0 <= 3.13.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.0 <= 3.13.6"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"		lts		Affected