Buffer overflow in Linux kernel - CVE-2014-0069
Published: February 28, 2014 / Updated: August 10, 2020
Vulnerability identifier: #VU41986
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2014-0069
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer.
How to mitigate CVE-2014-0069
Install update from vendor's website.
Sources
- http://article.gmane.org/gmane.linux.kernel.cifs/9401
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5d81de8e8667da7135d3a32a964087c0faf5483f
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html
- http://rhn.redhat.com/errata/RHSA-2014-0328.html
- http://www.openwall.com/lists/oss-security/2014/02/17/4
- http://www.securityfocus.com/bid/65588
- https://bugzilla.redhat.com/show_bug.cgi?id=1064253
- https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f