CVE-2014-3917
kernel: DoS with syscall auditing
Severity Score
Exploit Likelihood
Affected Versions
18Public Exploits
0Exploited in Wild
-Decision
Descriptions
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.
kernel/auditsc.c en el kernel de Linux hasta 3.14.5, cuando CONFIG_AUDITSYSCALL está habilitado con ciertas normas syscall, permite a usuarios locales obtener valores de un único bit potencialmente sensibles de la memoria del kernel o causar una denegación de servicio (OOPS) a través de un valor grande de un número syscall.
An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kernel memory to user space or, potentially, crash the system.
The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled reference counting when requeuing futexes during futex_wait(). A local, unprivileged user could use this flaw to zero out the reference counter of an inode or an mm struct that backs up the memory area of the futex, which could lead to a use-after-free flaw, resulting in a system crash or, potentially, privilege escalation. A NULL pointer dereference flaw was found in the way the Linux kernel's networking implementation handled logging while processing certain invalid packets coming in via a VxLAN interface. A remote attacker could use this flaw to crash the system by sending a specially crafted packet to such an interface.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-05-29 CVE Reserved
- 2014-06-05 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| http://article.gmane.org/gmane.linux.kern... | Mailing List | |
| http://secunia.com/advisories/59777 | Third Party Advisory | |
| http://secunia.com/advisories/60011 | Third Party Advisory | |
| http://secunia.com/advisories/60564 | Third Party Advisory | |
| http://www.openwall.com/lists/oss-securit... | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2015-... | 2021-07-15 | |
| http://rhn.redhat.com/errata/RHSA-2014-1143.html | 2021-07-15 | |
| http://rhn.redhat.com/errata/RHSA-2014-1281.html | 2021-07-15 | |
| http://www.ubuntu.com/usn/USN-2334-1 | 2021-07-15 | |
| http://www.ubuntu.com/usn/USN-2335-1 | 2021-07-15 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1102571 | 2014-09-22 | |
| https://access.redhat.com/security/cve/CVE-2014-3917 | 2014-09-22 |