CVE-2014-3917: Infoleak
First published: Thu May 29 2014(Updated: )
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SUSE Linux Enterprise Desktop with Beagle | =10.0-sp4 | |
| Red Hat Enterprise Linux | =5 | |
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise MRG | =2.0 | |
| Linux Kernel | <=3.14.5 | |
| Linux Kernel | =3.14 | |
| Linux Kernel | =3.14-rc1 | |
| Linux Kernel | =3.14-rc2 | |
| Linux Kernel | =3.14-rc3 | |
| Linux Kernel | =3.14-rc4 | |
| Linux Kernel | =3.14-rc5 | |
| Linux Kernel | =3.14-rc6 | |
| Linux Kernel | =3.14-rc7 | |
| Linux Kernel | =3.14-rc8 | |
| Linux Kernel | =3.14.1 | |
| Linux Kernel | =3.14.2 | |
| Linux Kernel | =3.14.3 | |
| Linux Kernel | =3.14.4 | |
| debian/linux | 5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.13-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://article.gmane.org/gmane.linux.kernel/1713179
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
- http://rhn.redhat.com/errata/RHSA-2014-1143.html
- http://rhn.redhat.com/errata/RHSA-2014-1281.html
- http://secunia.com/advisories/59777
- http://secunia.com/advisories/60011
- http://secunia.com/advisories/60564
- http://www.openwall.com/lists/oss-security/2014/05/29/5
- http://www.ubuntu.com/usn/USN-2334-1
- http://www.ubuntu.com/usn/USN-2335-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1102571
- https://launchpad.net/bugs/cve/CVE-2014-3917
- http://seclists.org/oss-sec/2014/q2/377
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1102715
- https://rhn.redhat.com/errata/RHSA-2014-0913.html
- https://rhn.redhat.com/errata/RHSA-2014-1143.html
- https://rhn.redhat.com/errata/RHSA-2014-1167.html
- https://rhn.redhat.com/errata/RHSA-2014-1281.html
- https://security-tracker.debian.org/tracker/CVE-2014-3917
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917
- https://nvd.nist.gov/vuln/detail/CVE-2014-3917
- https://ubuntu.com/security/CVE-2014-3917
Frequently Asked Questions
What is the severity of CVE-2014-3917?
CVE-2014-3917 is considered a moderate severity vulnerability that can lead to information disclosure or denial of service.
How do I fix CVE-2014-3917?
To fix CVE-2014-3917, update to a version of the Linux kernel that is later than 3.14.5 or apply the recommended patches provided by your Linux distribution.
Who is affected by CVE-2014-3917?
CVE-2014-3917 affects local users on systems running specific versions of the Linux kernel up to 3.14.5 with CONFIG_AUDITSYSCALL enabled.
What are the potential impacts of CVE-2014-3917?
The potential impacts of CVE-2014-3917 include local users obtaining sensitive information from kernel memory or causing a system crash.
Is CVE-2014-3917 exploitable remotely?
No, CVE-2014-3917 is not remotely exploitable as it requires local access to the vulnerable system.
- agent/type
- agent/remedy
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2014-3917
- agent/severity
- agent/weakness
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- agent/trending
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- package-manager/debian
- vendor/suse
- canonical/suse linux enterprise desktop with beagle
- version/suse linux enterprise desktop with beagle/10.0-sp4
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/5
- version/red hat enterprise linux/6.0
- canonical/red hat enterprise mrg
- version/red hat enterprise mrg/2.0
- vendor/linux
- canonical/linux kernel
- version/linux kernel/3.14.5
- version/linux kernel/3.14
- version/linux kernel/3.14-rc1
- version/linux kernel/3.14-rc2
- version/linux kernel/3.14-rc3
- version/linux kernel/3.14-rc4
- version/linux kernel/3.14-rc5
- version/linux kernel/3.14-rc6
- version/linux kernel/3.14-rc7
- version/linux kernel/3.14-rc8
- version/linux kernel/3.14.1
- version/linux kernel/3.14.2
- version/linux kernel/3.14.3
- version/linux kernel/3.14.4