1. Home
  2. Vulnerabilities
  3. CVE-2014-0038

CVE-2014-0038

CVSS v2.0 6.9 (Medium)
69% Progress
EPSS 0.06 % (27th)
0.06% Progress
Affected Products 2
Advisories 7
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter.

Weaknesses
CWE-20
Improper Input Validation
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2014-02-06 22:55:03
(10 years ago)
Updated Date
2024-02-09 19:14:07
(7 months ago)

Affected Products

Linux

Opensuse

Configuration #1

    CPE23 From Up To
  Linux Kernel from 3.4 version and prior 3.4.79 version cpe:2.3:o:linux:linux_kernel >= 3.4 < 3.4.79
  Linux Kernel from 3.5 version and prior 3.10.29 version cpe:2.3:o:linux:linux_kernel >= 3.5 < 3.10.29
  Linux Kernel from 3.11 version and prior 3.12.10 version cpe:2.3:o:linux:linux_kernel >= 3.11 < 3.12.10
  Linux Kernel from 3.13 version and prior 3.13.2 version cpe:2.3:o:linux:linux_kernel >= 3.13 < 3.13.2

Configuration #2

    CPE23 From Up To
  Opensuse 12.3 cpe:2.3:o:opensuse:opensuse:12.3