CVE-2014-0069: Buffer Overflow
First published: Wed Feb 12 2014(Updated: )
A flaw was found in the way cifs handled iovecs with bogus pointers userland passed down via writev() during uncached writes. An unprivileged local user with access to cifs share could use this flaw to crash the system or leak kernel memory. Privilege escalation cannot be ruled out (since memory corruption is involved), but is unlikely. The default cache settings for cifs mounts on Red Hat Enterprise Linux prohibit successful exploitation of this issue. Acknowledgements: Red Hat would like to thank Al Viro for reporting this issue.
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | <=3.13.5 | |
| SUSE Linux Enterprise Desktop | =11-sp3 | |
| SUSE Linux Enterprise Server | =11 | |
| SUSE Linux Enterprise Server | =11-sp3 | |
| Suse Linux Enterprise Server | =11-sp3 | |
| Redhat Enterprise Linux Desktop | =6.0 | |
| Redhat Enterprise Linux Eus | =6.5 | |
| Redhat Enterprise Linux Server | =6.0 | |
| Redhat Enterprise Linux Server Aus | =6.5 | |
| Redhat Enterprise Linux Server Tus | =6.5 | |
| Redhat Enterprise Linux Workstation | =6.0 | |
| Linux Linux kernel | <3.2.57 | |
| Linux Linux kernel | >=3.3<3.4.83 | |
| Linux Linux kernel | >=3.5<3.10.33 | |
| Linux Linux kernel | >=3.11<3.12.14 | |
| Linux Linux kernel | >=3.13<3.13.6 | |
| debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.112-1 6.11.5-1 6.11.7-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/65588
- https://bugzilla.redhat.com/show_bug.cgi?id=1064253
- http://rhn.redhat.com/errata/RHSA-2014-0328.html
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html
- http://article.gmane.org/gmane.linux.kernel.cifs/9401
- http://www.openwall.com/lists/oss-security/2014/02/17/4
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5d81de8e8667da7135d3a32a964087c0faf5483f
- https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f
- https://launchpad.net/bugs/cve/CVE-2014-0069
- http://article.gmane.org/gmane.linux.kernel.cifs/9402
- https://rhn.redhat.com/errata/RHSA-2014-0328.html
- https://rhn.redhat.com/errata/RHSA-2014-0439.html
- https://security-tracker.debian.org/tracker/CVE-2014-0069
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0069
- https://nvd.nist.gov/vuln/detail/CVE-2014-0069
- https://ubuntu.com/security/CVE-2014-0069
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2014-0069
- agent/severity
- agent/weakness
- agent/author
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- collector/nvd-cve
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/remedy
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/security-tracker-debian
- source/Debian
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/3.13.5
- vendor/suse
- canonical/suse linux enterprise desktop
- version/suse linux enterprise desktop/11-sp3
- canonical/suse linux enterprise server
- version/suse linux enterprise server/11
- version/suse linux enterprise server/11-sp3
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/6.5
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/6.5
- canonical/redhat enterprise linux server tus
- version/redhat enterprise linux server tus/6.5
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- version/linux linux kernel/3.3
- version/linux linux kernel/3.5
- version/linux linux kernel/3.11
- version/linux linux kernel/3.13
- package-manager/debian