CVE-2014-9584

Current Description

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image.

Basic Data

Published: January 09, 2015
Last Modified: May 21, 2020
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-20
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS 2 - Access Vector: LOCAL
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: PARTIAL
CVSS 2 - Availability Impact: NONE
CVSS 2 - Base Score: 2.1
Severity: LOW
Exploitability Score: 3.9
Impact Score: 2.9
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version End Excluding
    2.3 | OS | Linux | Linux Kernel | * | * | * | * | * | * | * | * | 3.18.2
    (Version Start Including, Version End Including and Version Start Excluding are empty for this row.)
  • OR - Configuration 2
    Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other
    (Version Start Including, Version End Including, Version Start Excluding and Version End Excluding are empty for every row below.)
    2.3 | OS | Redhat | Enterprise Linux Aus | 6.6 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Desktop | 6.0 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Desktop | 7.0 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Eus | 6.6 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server | 6.0 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server | 7.0 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Aus | 7.3 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Aus | 7.4 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Aus | 7.6 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Aus | 7.7 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Eus | 7.1 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Eus | 7.2 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Eus | 7.3 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Eus | 7.4 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Eus | 7.5 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Eus | 7.6 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Eus | 7.7 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Tus | 6.6 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Tus | 7.3 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Tus | 7.6 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Server Tus | 7.7 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Workstation | 6.0 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Workstation | 7.0 | * | * | * | * | * | * | *
  • OR - Configuration 3
    Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other
    (Version Start Including, Version End Including, Version Start Excluding and Version End Excluding are empty for every row below.)
    2.3 | OS | Opensuse | Evergreen | 11.4 | * | * | * | * | * | * | *
    2.3 | OS | Opensuse | Opensuse | 13.1 | * | * | * | * | * | * | *
    2.3 | OS | Suse | Linux Enterprise Desktop | 12 | - | * | * | * | * | * | *
    2.3 | OS | Suse | Linux Enterprise Real Time Extension | 11 | sp3 | * | * | * | * | * | *
    2.3 | OS | Suse | Linux Enterprise Server | 10 | sp4 | * | * | ltss | * | * | *
    2.3 | OS | Suse | Linux Enterprise Server | 11 | sp1 | * | * | ltss | * | * | *
    2.3 | OS | Suse | Linux Enterprise Server | 11 | sp2 | * | * | ltss | * | * | *
    2.3 | OS | Suse | Linux Enterprise Server | 12 | - | * | * | * | * | * | *
    2.3 | OS | Suse | Linux Enterprise Software Development Kit | 12 | - | * | * | * | * | * | *
    2.3 | OS | Suse | Linux Enterprise Workstation Extension | 12 | * | * | * | * | * | * | *
  • OR - Configuration 4
    Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other
    (Version Start Including, Version End Including, Version Start Excluding and Version End Excluding are empty for every row below.)
    2.3 | OS | Debian | Debian Linux | 7.0 | * | * | * | * | * | * | *
    2.3 | OS | Debian | Debian Linux | 8.0 | * | * | * | * | * | * | *
  • OR - Configuration 5
    Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other
    (Version Start Including, Version End Including, Version Start Excluding and Version End Excluding are empty for every row below.)
    2.3 | OS | Canonical | Ubuntu Linux | 10.04 | * | * | * | lts | * | * | *
    2.3 | OS | Canonical | Ubuntu Linux | 12.04 | * | * | * | lts | * | * | *
    2.3 | OS | Canonical | Ubuntu Linux | 14.04 | * | * | * | lts | * | * | *
    2.3 | OS | Canonical | Ubuntu Linux | 14.10 | * | * | * | * | * | * | *
  • OR - Configuration 6
    Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other
    (Version Start Including, Version End Including, Version Start Excluding and Version End Excluding are empty for this row.)
    2.3 | OS | Oracle | Linux | 5 | - | * | * | * | * | * | *

Vulnerable Software List

Vendor | Product | Versions
Debian | Debian Linux | 7.0, 8.0
Redhat | Enterprise Linux Workstation | 6.0, 7.0
Redhat | Enterprise Linux Eus | 6.6
Redhat | Enterprise Linux Desktop | 6.0, 7.0
Redhat | Enterprise Linux Server Aus | 7.3, 7.4, 7.6, 7.7
Redhat | Enterprise Linux Server Tus | 6.6, 7.3, 7.6, 7.7
Redhat | Enterprise Linux Aus | 6.6
Redhat | Enterprise Linux Server Eus | 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7
Redhat | Enterprise Linux Server | 6.0, 7.0
Canonical | Ubuntu Linux | 10.04, 12.04, 14.04, 14.10
Opensuse | Evergreen | 11.4
Opensuse | Opensuse | 13.1
Oracle | Linux | 5
Linux | Linux Kernel | *
Suse | Linux Enterprise Software Development Kit | 12
Suse | Linux Enterprise Workstation Extension | 12
Suse | Linux Enterprise Desktop | 12
Suse | Linux Enterprise Real Time Extension | 11
Suse | Linux Enterprise Server | 10, 11, 12

References

Name | URL | Source | Tags
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4e2024624e678f0ebb916e6192bd23c1f9fdf696 | http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4e2024624e678f0ebb916e6192bd23c1f9fdf696 | CONFIRM | Patch, Vendor Advisory
SUSE-SU-2015:0481 | http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html | SUSE | Mailing List, Third Party Advisory
SUSE-SU-2015:0529 | http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html | SUSE | Mailing List, Third Party Advisory
openSUSE-SU-2015:0566 | http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html | SUSE | Mailing List, Third Party Advisory
SUSE-SU-2015:0652 | http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html | SUSE | Mailing List, Third Party Advisory
openSUSE-SU-2015:0714 | http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html | SUSE | Mailing List, Third Party Advisory
SUSE-SU-2015:0736 | http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html | SUSE | Mailing List, Third Party Advisory
SUSE-SU-2015:0812 | http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html | SUSE | Mailing List, Third Party Advisory
RHSA-2015:0864 | http://rhn.redhat.com/errata/RHSA-2015-0864.html | REDHAT | Third Party Advisory
RHSA-2015:1137 | http://rhn.redhat.com/errata/RHSA-2015-1137.html | REDHAT | Third Party Advisory
RHSA-2015:1138 | http://rhn.redhat.com/errata/RHSA-2015-1138.html | REDHAT | Third Party Advisory
DSA-3128 | http://www.debian.org/security/2015/dsa-3128 | DEBIAN | Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2 | http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2 | CONFIRM | Vendor Advisory
MDVSA-2015:058 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:058 | MANDRIVA | Third Party Advisory
[oss-security] 20150109 Re: CVE request Linux kernel: isofs: unchecked printing of ER records | http://www.openwall.com/lists/oss-security/2015/01/09/4 | MLIST | Mailing List, Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | CONFIRM | Third Party Advisory
71883 | http://www.securityfocus.com/bid/71883 | BID | Third Party Advisory, VDB Entry
USN-2511-1 | http://www.ubuntu.com/usn/USN-2511-1 | UBUNTU | Third Party Advisory
USN-2512-1 | http://www.ubuntu.com/usn/USN-2512-1 | UBUNTU | Third Party Advisory
USN-2513-1 | http://www.ubuntu.com/usn/USN-2513-1 | UBUNTU | Third Party Advisory
USN-2514-1 | http://www.ubuntu.com/usn/USN-2514-1 | UBUNTU | Third Party Advisory
USN-2515-1 | http://www.ubuntu.com/usn/USN-2515-1 | UBUNTU | Third Party Advisory
USN-2516-1 | http://www.ubuntu.com/usn/USN-2516-1 | UBUNTU | Third Party Advisory
USN-2517-1 | http://www.ubuntu.com/usn/USN-2517-1 | UBUNTU | Third Party Advisory
USN-2518-1 | http://www.ubuntu.com/usn/USN-2518-1 | UBUNTU | Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1180119 | https://bugzilla.redhat.com/show_bug.cgi?id=1180119 | CONFIRM | Issue Tracking, Third Party Advisory
https://github.com/torvalds/linux/commit/4e2024624e678f0ebb916e6192bd23c1f9fdf696 | https://github.com/torvalds/linux/commit/4e2024624e678f0ebb916e6192bd23c1f9fdf696 | CONFIRM | Patch, Third Party Advisory