Wind River Support Network

HomeDefectsOVP-1960
Fixed

OVP-1960 : Security Advisory - linux - CVE-2014-1739

Created: Jun 29, 2014    Updated: Mar 11, 2016
Resolved Date: Aug 1, 2014
Found In Version: 5.0.1
Fix Version: 5.0.1.16
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Kernel

Description

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1739
Live chat
Online