SB2014022803 - Buffer overflow in Linux kernel
Published: February 28, 2014 Updated: August 10, 2020
Security Bulletin ID
SB2014022803
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2014-0069)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer.
Remediation
Install update from vendor's website.
References
- http://article.gmane.org/gmane.linux.kernel.cifs/9401
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5d81de8e8667da7135d3a32a964087c0faf5483f
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html
- http://rhn.redhat.com/errata/RHSA-2014-0328.html
- http://www.openwall.com/lists/oss-security/2014/02/17/4
- http://www.securityfocus.com/bid/65588
- https://bugzilla.redhat.com/show_bug.cgi?id=1064253
- https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f