Wind River Support Network

HomeDefectsLIN6-6787

Fixed

LIN6-6787 : Security Advisory - linux - CVE-2014-1446

Created: Feb 16, 2014 Updated: Dec 3, 2018

Resolved Date: Apr 7, 2014

Previous ID: LIN3-35693

Found In Version: 6.0.0.6

Fix Version: 6.0.0.6

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Kernel

Description

The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1446

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38