Published: 18/01/2014 Updated: 07/11/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 188

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel prior to 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.11.1
linux linux kernel 3.11
linux linux kernel
linux linux kernel 3.11.4
linux linux kernel 3.11.3
linux linux kernel 3.11.2
linux linux kernel 3.11.5

Several security issues were fixed in the kernel ...

The wanxl_ioctl function in drivers/net/wan/wanxlc in the Linux kernel before 3117 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call ...

CWE-399 https://github.com/torvalds/linux/commit/2b13d06c9584b4eb773f1e80bbaedab9a1c344e1 http://www.openwall.com/lists/oss-security/2014/01/15/3 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.7 https://bugzilla.redhat.com/show_bug.cgi?id=1053613 http://www.securityfocus.com/bid/64953 http://www.ubuntu.com/usn/USN-2129-1 http://www.ubuntu.com/usn/USN-2128-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/90444 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2b13d06c9584b4eb773f1e80bbaedab9a1c344e1 https://nvd.nist.gov https://usn.ubuntu.com/2066-1/https://access.redhat.com/security/cve/cve-2014-1445

CVE-2014-1445

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect