Information disclosure in Linux Linux_kernel
CVE-2014-1739
The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveragi…
Vulnerability class: Information Disclosure
EPSS: 0.001 (27.7th percentile) — read the EPSS interpretation.
Affected products
- Linux Linux_kernel
- Canonical Ubuntu_linux — versions 12.04, 13.10
- Suse Linux_enterprise_high_availability_extension — versions 11
- Suse Suse_linux_enterprise_desktop — versions 11
- Suse Suse_linux_enterprise_server — versions 11
- N/a — versions n/a
Weakness classification (CWE)
References
- USN-2263-1 (x_refsource_UBUNTU, vendor-advisory)
- chrome-cve-admin@google.com (x_refsource_CONFIRM)
- SUSE-SU-2014:1316 (vendor-advisory, x_refsource_SUSE)
- [oss-security] 20140615 CVE-2014-1739: Kernel Infoleak vulnerability in,media_enum_entities() (mailing-list, x_refsource_MLIST)
- chrome-cve-admin@google.com (x_refsource_CONFIRM)
- USN-2261-1 (x_refsource_UBUNTU, vendor-advisory)
- USN-2264-1 (x_refsource_UBUNTU, vendor-advisory)
- 68048 (vdb-entry, x_refsource_BID)
- SUSE-SU-2014:1319 (vendor-advisory, x_refsource_SUSE)
- chrome-cve-admin@google.com (x_refsource_CONFIRM)