|
|
Subscribe / Log in / New account

kernel: information disclosure

Package(s):kernel CVE #(s):CVE-2014-0206
Created:June 25, 2014 Updated:July 25, 2014
Description: From the Red Hat advisory:

It was found that the aio_read_events_ring() function of the Linux kernel's Asynchronous I/O (AIO) subsystem did not properly sanitize the AIO ring head received from user space. A local, unprivileged user could use this flaw to disclose random parts of the (physical) memory belonging to the kernel and/or other processes.

Alerts:
Mageia MGASA-2015-0077 kernel-rt 2015-02-19
Oracle ELSA-2015-0290 kernel 2015-03-12
openSUSE openSUSE-SU-2014:1677-1 kernel 2014-12-21
CentOS 2014:X011 kernel 2014-10-01
Ubuntu USN-2336-1 linux-lts-trusty 2014-09-02
Ubuntu USN-2337-1 kernel 2014-09-02
Mageia MGASA-2014-0332 kernel-vserver 2014-08-18
Mageia MGASA-2014-0337 kernel-tmb 2014-08-18
Mageia MGASA-2014-0331 kernel-tmb 2014-08-18
Mageia MGASA-2014-0336 kernel-linus 2014-08-18
Mageia MGASA-2014-0330 kernel-linus 2014-08-18
Mageia MGASA-2014-0318 kernel 2014-08-05
Mageia MGASA-2014-0316 kernel 2014-08-05
Fedora FEDORA-2014-8487 kernel 2014-07-25
Oracle ELSA-2014-0786 kernel 2014-07-23
Red Hat RHSA-2014:0913-01 kernel-rt 2014-07-22
Fedora FEDORA-2014-7863 kernel 2014-06-30
Red Hat RHSA-2014:0786-01 kernel 2014-06-24
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds