An information leak flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled access of the user control's state. A local, privileged user could use this flaw to leak kernel memory to user space.
Find out more about CVE-2014-4652 from the MITRE CVE dictionary dictionary and NIST NVD.
Base Score | 1.5 |
---|---|
Base Metrics | AV:L/AC:M/Au:S/C:P/I:N/A:N |
Access Vector | Local |
Access Complexity | Medium |
Authentication | Single |
Confidentiality Impact | Partial |
Integrity Impact | None |
Availability Impact | None |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Platform | Errata | Release Date |
---|---|---|
Red Hat Enterprise Linux 6 (kernel) | RHSA-2015:1272 | 2015-07-20 |
Red Hat MRG Grid for RHEL 6 Server v.2 (kernel-rt) | RHSA-2014:1083 | 2014-08-20 |
Red Hat Enterprise Linux 7 (kernel) | RHSA-2014:1971 | 2014-12-09 |
Platform | Package | State |
---|---|---|
Red Hat Enterprise Linux 5 | kernel | Will not fix |