Published: 24/03/2014 Updated: 13/02/2023

CVSS v2 Base Score: 2.9 | Impact Score: 2.9 | Exploitability Score: 5.5

VMScore: 258

Vector: AV:A/AC:M/Au:N/C:P/I:N/A:N

Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel up to and including 3.13.6 allows malicious users to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
opensuse evergreen 11.4
suse linux enterprise server 11

Several security issues were fixed in the kernel ...

CWE-416 https://bugzilla.redhat.com/show_bug.cgi?id=1074589 http://www.spinics.net/lists/netdev/msg274250.html http://www.spinics.net/lists/netdev/msg274316.html https://github.com/torvalds/linux/commit/1fd819ecb90cc9b822cd84d3056ddba315d3340f http://www.openwall.com/lists/oss-security/2014/03/10/4 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1fd819ecb90cc9b822cd84d3056ddba315d3340f https://nvd.nist.gov https://usn.ubuntu.com/2286-1/

CVE-2014-0131

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect