CVE-2014-0206 : Array index error in the aio_read_events_ring function in fs/aio.c in the Linux

Array index error in the aio_read_events_ring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value.

Published 2014-06-25 11:19:21

Updated 2025-04-12 10:46:41

Source Red Hat, Inc.

View at NVD, CVE.org

Products affected by CVE-2014-0206

Linux » Linux Kernel
Versions up to, including, (<=) 3.15.1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2014-0206

EPSS FAQ

0.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 19 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2014-0206

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2014-0206

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=edfbbf388f29

kernel/git/torvalds/linux.git - Linux kernel source tree
Vendor Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=edfbbf388f293d70bf4b7c0bc38774d05e6f711a
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.10

Vendor Advisory
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.46

Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1094602

1094602 – (CVE-2014-0206) CVE-2014-0206 kernel: aio: insufficient sanitization of head in aio_read_events_ring()
Issue Tracking;Third Party Advisory
http://secunia.com/advisories/59278

Sign in
Third Party Advisory
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.24

Vendor Advisory
http://www.securitytracker.com/id/1030479

Linux Kernel aio_read_events_ring() Bugs Let Local Users Obtain Kernel Memory - SecurityTracker
Third Party Advisory;VDB Entry
https://github.com/torvalds/linux/commit/edfbbf388f293d70bf4b7c0bc38774d05e6f711a

aio: fix kernel memory disclosure in io_getevents() introduced in v3.10 · torvalds/linux@edfbbf3 · GitHub
Patch;Third Party Advisory
https://source.android.com/security/bulletin/2017-04-01

Android Security Bulletin—April 2017 | Android Open Source Project
Third Party Advisory

CVEs referencing this url
http://www.securitytracker.com/id/1038201

Google Android Multiple Flaws Let Users Deny Service, Obtain Potentially Sensitive Information, and Gain Elevated Privileges and Let Remote Users Execute Arbitrary Code - SecurityTracker
Third Party Advisory;VDB Entry

CVEs referencing this url
http://www.securityfocus.com/bid/68176

Linux Kernel '/fs/aio.c' Local Information Disclosure Vulnerability
Third Party Advisory;VDB Entry
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.3

Vendor Advisory

Jump to

Vulnerability Details : CVE-2014-0206

Products affected by CVE-2014-0206

Exploit prediction scoring system (EPSS) score for CVE-2014-0206

CVSS scores for CVE-2014-0206

References for CVE-2014-0206