CVE-2014-1874

CVSS v2.0 4.9 (Medium)

EPSS 0.04 % (11^th)

Affected Products 3

Advisories 69

The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.

Weaknesses

CWE-20: Improper Input Validation

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2014-02-28 06:18:54
(10 years ago)
Updated Date: 2023-02-13 00:38:31
(19 months ago)

Affected Products

Configuration #1

		CPE23	From	Up To
	Linux Kernel prior 3.13.4 version	cpe:2.3:o:linux:linux_kernel		< 3.13.4

Configuration #2

		CPE23	From	Up To
	Suse Linux Enterprise Server 10 SP4	cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::ltss

Configuration #3

		CPE23	From	Up To
	Canonical Ubuntu Linux 10.04	cpe:2.3:o:canonical:ubuntu_linux:10.04:::*:-
	Canonical Ubuntu Linux 12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04:::*:esm
	Canonical Ubuntu Linux 12.10	cpe:2.3:o:canonical:ubuntu_linux:12.10
	Canonical Ubuntu Linux 13.10	cpe:2.3:o:canonical:ubuntu_linux:13.10

Weaknesses

Affected Products

Canonical

Linux

Suse

Configuration #1

Configuration #2

Configuration #3