What is the severity of CVE-2014-9584?

CVE-2014-9584 is considered to be an information leakage vulnerability that could be exploited by unprivileged users.

How do I fix CVE-2014-9584?

To fix CVE-2014-9584, upgrade to a patched version of the Linux kernel, specifically any version that incorporates the fixes beyond 3.18.2.

What systems are affected by CVE-2014-9584?

CVE-2014-9584 affects various Linux distributions including Red Hat Enterprise Linux, SUSE Linux, and Debian across multiple versions.

Can unprivileged users exploit CVE-2014-9584?

Yes, unprivileged users can exploit CVE-2014-9584 to leak sensitive information from iso9660 images.

Is there a specific patch version for CVE-2014-9584?

Yes, the resolved versions include Linux kernel versions such as 5.10.223-1, 5.10.226-1, and others listed by the respective distributions.

Vulnerability/
CVE-2014-9584

low

2.1

CWE

8/1/2015

9/1/2015

21/11/2024

CVE-2014-9584: Input Validation

First published: Thu Jan 08 2015(Updated: )

Last updated 24 July 2024

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Linux Kernel	<3.18.2
redhat enterprise linux aus	=6.6
redhat enterprise Linux desktop	=6.0
redhat enterprise Linux desktop	=7.0
redhat enterprise Linux eus	=6.6
redhat enterprise Linux server	=6.0
redhat enterprise Linux server	=7.0
redhat enterprise Linux server aus	=7.3
redhat enterprise Linux server aus	=7.4
redhat enterprise Linux server aus	=7.6
redhat enterprise Linux server aus	=7.7
redhat enterprise Linux server eus	=7.1
redhat enterprise Linux server eus	=7.2
redhat enterprise Linux server eus	=7.3
redhat enterprise Linux server eus	=7.4
redhat enterprise Linux server eus	=7.5
redhat enterprise Linux server eus	=7.6
redhat enterprise Linux server eus	=7.7
redhat enterprise Linux server tus	=6.6
redhat enterprise Linux server tus	=7.3
redhat enterprise Linux server tus	=7.6
redhat enterprise Linux server tus	=7.7
redhat enterprise Linux workstation	=6.0
redhat enterprise Linux workstation	=7.0
openSUSE Evergreen	=11.4
openSUSE	=13.1
SUSE Linux Enterprise Desktop with Beagle	=12
SUSE Linux Enterprise Real Time Extension	=11-sp3
SUSE Linux Enterprise Server	=10-sp4
SUSE Linux Enterprise Server	=11-sp1
SUSE Linux Enterprise Server	=11-sp2
SUSE Linux Enterprise Server	=12
SUSE Linux Enterprise Software Development Kit	=12
SUSE Linux Enterprise Workstation Extension	=12
Debian GNU/Linux	=7.0
Debian GNU/Linux	=8.0
Ubuntu Linux	=10.04
Ubuntu Linux	=12.04
Ubuntu Linux	=14.04
Ubuntu Linux	=14.10
Oracle Linux	=5
debian/linux		5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1
Debian	=7.0
Debian	=8.0
Ubuntu	=10.04
Ubuntu	=12.04
Ubuntu	=14.04
Ubuntu	=14.10

Remedy

https://github.com/torvalds/linux/commit/4e2024624e678f0ebb916e6192bd23c1f9fdf696

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-9584?
CVE-2014-9584 is considered to be an information leakage vulnerability that could be exploited by unprivileged users.
How do I fix CVE-2014-9584?
To fix CVE-2014-9584, upgrade to a patched version of the Linux kernel, specifically any version that incorporates the fixes beyond 3.18.2.
What systems are affected by CVE-2014-9584?
CVE-2014-9584 affects various Linux distributions including Red Hat Enterprise Linux, SUSE Linux, and Debian across multiple versions.
Can unprivileged users exploit CVE-2014-9584?
Yes, unprivileged users can exploit CVE-2014-9584 to leak sensitive information from iso9660 images.
Is there a specific patch version for CVE-2014-9584?
Yes, the resolved versions include Linux kernel versions such as 5.10.223-1, 5.10.226-1, and others listed by the respective distributions.

agent/type
agent/first-publish-date
collector/launchpad-cve
source/Launchpad
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2014-9584
agent/severity
agent/weakness
collector/usn-cve
source/Ubuntu
agent/references
agent/remedy
agent/description
agent/last-modified-date
agent/trending
agent/source
agent/event
agent/author
collector/nvd-index
agent/software-canonical-lookup-request
agent/tags
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
agent/softwarecombine
collector/nvd-cve
source/NVD
vendor/linux
canonical/linux kernel
vendor/redhat
canonical/redhat enterprise linux aus
version/redhat enterprise linux aus/6.6
canonical/redhat enterprise linux desktop
version/redhat enterprise linux desktop/6.0
version/redhat enterprise linux desktop/7.0
canonical/redhat enterprise linux eus
version/redhat enterprise linux eus/6.6
canonical/redhat enterprise linux server
version/redhat enterprise linux server/6.0
version/redhat enterprise linux server/7.0
canonical/redhat enterprise linux server aus
version/redhat enterprise linux server aus/7.3
version/redhat enterprise linux server aus/7.4
version/redhat enterprise linux server aus/7.6
version/redhat enterprise linux server aus/7.7
canonical/redhat enterprise linux server eus
version/redhat enterprise linux server eus/7.1
version/redhat enterprise linux server eus/7.2
version/redhat enterprise linux server eus/7.3
version/redhat enterprise linux server eus/7.4
version/redhat enterprise linux server eus/7.5
version/redhat enterprise linux server eus/7.6
version/redhat enterprise linux server eus/7.7
canonical/redhat enterprise linux server tus
version/redhat enterprise linux server tus/6.6
version/redhat enterprise linux server tus/7.3
version/redhat enterprise linux server tus/7.6
version/redhat enterprise linux server tus/7.7
canonical/redhat enterprise linux workstation
version/redhat enterprise linux workstation/6.0
version/redhat enterprise linux workstation/7.0
vendor/opensuse
canonical/opensuse evergreen
version/opensuse evergreen/11.4
canonical/opensuse
version/opensuse/13.1
vendor/suse
canonical/suse linux enterprise desktop with beagle
version/suse linux enterprise desktop with beagle/12
canonical/suse linux enterprise real time extension
version/suse linux enterprise real time extension/11-sp3
canonical/suse linux enterprise server
version/suse linux enterprise server/10-sp4
version/suse linux enterprise server/11-sp1
version/suse linux enterprise server/11-sp2
version/suse linux enterprise server/12
canonical/suse linux enterprise software development kit
version/suse linux enterprise software development kit/12
canonical/suse linux enterprise workstation extension
version/suse linux enterprise workstation extension/12
vendor/debian
canonical/debian gnu/linux
version/debian gnu/linux/7.0
version/debian gnu/linux/8.0
vendor/canonical
canonical/ubuntu linux
version/ubuntu linux/10.04
version/ubuntu linux/12.04
version/ubuntu linux/14.04
version/ubuntu linux/14.10
vendor/oracle
canonical/oracle linux
version/oracle linux/5
package-manager/debian
canonical/debian
version/debian/7.0
version/debian/8.0
canonical/ubuntu
version/ubuntu/10.04
version/ubuntu/12.04
version/ubuntu/14.04
version/ubuntu/14.10