Vulnerability Description
The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 3.2.57 |
| Suse | Linux Enterprise Desktop | 11 |
| Suse | Linux Enterprise Server | 11 |
| Redhat | Enterprise Linux Desktop | 6.0 |
| Redhat | Enterprise Linux Eus | 6.5 |
| Redhat | Enterprise Linux Server | 6.0 |
| Redhat | Enterprise Linux Server Aus | 6.5 |
| Redhat | Enterprise Linux Server Tus | 6.5 |
| Redhat | Enterprise Linux Workstation | 6.0 |
Related Weaknesses (CWE)
References
- http://article.gmane.org/gmane.linux.kernel.cifs/9401Broken Link
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=Broken Link
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.htmlMailing ListThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-0328.htmlThird Party Advisory
- http://www.openwall.com/lists/oss-security/2014/02/17/4Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/65588Third Party AdvisoryVDB Entry
- https://bugzilla.redhat.com/show_bug.cgi?id=1064253Issue TrackingThird Party Advisory
- https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483PatchThird Party Advisory
- http://article.gmane.org/gmane.linux.kernel.cifs/9401Broken Link
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=Broken Link
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.htmlMailing ListThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-0328.htmlThird Party Advisory
- http://www.openwall.com/lists/oss-security/2014/02/17/4Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/65588Third Party AdvisoryVDB Entry
- https://bugzilla.redhat.com/show_bug.cgi?id=1064253Issue TrackingThird Party Advisory
FAQ
What is CVE-2014-0069?
CVE-2014-0069 is a vulnerability with a CVSS score of 7.2 (HIGH). The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows l...
How severe is CVE-2014-0069?
CVE-2014-0069 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0069?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Eus.