ID:4078 - Exploit for Input validation error in Linux kernel - CVE-2014-3631

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:4078 - Exploit for Input validation error in Linux kernel - CVE-2014-3631

ID:4078 - Exploit for Input validation error in Linux kernel - CVE-2014-3631

Published: August 11, 2020


Vulnerability identifier: #VU41283
Vulnerability risk: High
CVE-ID: CVE-2014-3631
CWE-ID: CWE-20
Exploitation vector: Local access
Vulnerable software:
Linux kernel

Link to public exploit:


Vulnerability description

The vulnerability allows local users to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation.


Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.