You are here

CVE-2014-1445

Vincent (CVE) Danen's picture
The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call.

Details Source

Mitre

Statement

This issue does not affect the versions of the kernel package as shipped with
Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.

Public Date

2013-10-16 00:00:00

Impact

Low

Bugzilla

CVE-2014-1445 Kernel: wanxl: information leak in ioctl

Bugzilla ID

1 053 613

CVSS Status

draft

Base Score

2.10

Base Metrics

AV:L/AC:L/Au:N/C:P/I:N/A:N

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Not affected
Red Hat Enterprise Linux 7 kernel Not affected
Red Hat Enterprise Linux 6 kernel Not affected
Red Hat Enterprise Linux 5 kernel Not affected