Main Vulnerability Database Exploits ID:4057 - Exploit for Information disclosure in Linux kernel - CVE-2014-1739

ID:4057 - Exploit for Information disclosure in Linux kernel - CVE-2014-1739

Published: August 11, 2020

Vulnerability identifier: #VU41534

Vulnerability risk: Low

CVE-ID: CVE-2014-1739

CWE-ID: CWE-200

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://www.exploit-db.com/exploits/39214/

Vulnerability description

The vulnerability allows a local #AU# to gain access to sensitive information.

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.

Remediation

Install update from vendor's website.

ID:4057 - Exploit for Information disclosure in Linux kernel - CVE-2014-1739

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human