Computer Security
[EN] securityvulns.ru no-pyccku


Linux syscall auditing DoS
Published:13.06.2014
Source:
SecurityVulns ID:13816
Type:local
Threat Level:
5/10
Description:System crash on audited syscall with large number.
CVE:CVE-2014-3917 (kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.)
Original documentdocumentAndy Lutomirski, [oss-security] CVE request: Linux kernel DoS with syscall auditing (13.06.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod