CVE-2014-4027

{"id": "CVE-2014-4027", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:M/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 4.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-06-23T11:21:18.700", "references": [{"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc", "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/59134", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/59777", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/60564", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/61310", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2014/06/11/1", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.ubuntu.com/usn/USN-2334-1", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.ubuntu.com/usn/USN-2335-1", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator."}, {"lang": "es", "value": "La funci\u00f3n rd_build_device_space en drivers/target/target_core_rd.c en el kernel de Linux anterior a 3.14 no inicializa debidamente cierta estructura de datos, lo que permite a usuarios locales obtener informaci\u00f3n sensible de la memoria ramdisk_mcp mediante el aprovechamiento del acceso a un iniciador SCSI."}], "lastModified": "2023-11-07T02:20:22.100", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5673276-6E6D-4AB2-9DA6-7873D78E58CF", "versionEndExcluding": "3.14"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "vulnerable": true, "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3A907A3-2A3A-46D4-8D75-914649877B65"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DB41B45-D94D-4A58-88B0-B3EC3EC350E2"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*", "vulnerable": true, "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "vulnerable": true, "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0A477D7-D770-40FA-822E-0686791DCBBC", "versionEndIncluding": "11.6.0", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49BEE6CD-30CA-44B2-8A9E-B8198A44DB34", "versionEndIncluding": "11.6.0", "versionStartIncluding": "11.3.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A40013D7-C45F-4712-9FBB-12EC55ACA8A8", "versionEndIncluding": "11.6.0", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD759D15-7861-45DD-9141-4F2855164368", "versionEndIncluding": "11.6.0", "versionStartIncluding": "11.4.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF00C6EB-94E6-47BA-9C73-F7EEF0F5C5F1", "versionEndIncluding": "11.6.0", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FF30167-0241-4136-82F8-2D2FB545C19A", "versionEndIncluding": "11.3.0", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFB9C044-BDFD-44B6-9DEA-F9EC3B793F15", "versionEndIncluding": "11.6.0", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F7E38E6-5E18-491B-A4A3-E47EED2F882F", "versionEndIncluding": "11.6.0", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E48CB17C-616D-4637-9811-93B4291052F3", "versionEndIncluding": "11.6.0", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAA8052D-B8EA-4109-A93B-EDF8F1BF09F0", "versionEndIncluding": "11.6.0", "versionStartIncluding": "11.3.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C"}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C666A18-9DED-4B49-92DE-474403FC17BF", "versionEndIncluding": "11.4.1", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6B52D60-38DB-4BE9-91F4-B6553F5E5A93", "versionEndIncluding": "11.3.0", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1E3204F-9464-4AC3-819B-D1A6B399FAE3", "versionEndIncluding": "11.3.0", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6"}, {"criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F", "versionEndIncluding": "4.5.0", "versionStartIncluding": "4.0.0"}, {"criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6", "versionEndIncluding": "4.5.0", "versionStartIncluding": "4.2.0"}, {"criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498", "versionEndIncluding": "4.5.0", "versionStartIncluding": "4.0.0"}, {"criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F", "versionEndIncluding": "3.1.1", "versionStartIncluding": "3.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}