CVE-2014-3917

Currently unrated

Key Information:

Vendor: Suse
Status: Linux Enterprise Desktop
Vendor: CVE Published:; 5 June 2014

Summary

kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.

References

http://article.gmane.org/gmane.linux.kernel/1713179

mailing-listx_refsource_MLIST

http://www.ubuntu.com/usn/USN-2335-1

vendor-advisoryx_refsource_UBUNTU

http://www.ubuntu.com/usn/USN-2334-1

vendor-advisoryx_refsource_UBUNTU

Timeline

Vulnerability published
Jun 5, 2014
Vulnerability Reserved
May 29, 2014