Vulnerability Details : CVE-2014-2568
Use-after-free vulnerability in the nfqnl_zcopy function in net/netfilter/nfnetlink_queue_core.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. NOTE: the affected code was moved to the skb_zerocopy function in net/core/skbuff.c before the vulnerability was announced.
Vulnerability category: Memory Corruption
Products affected by CVE-2014-2568
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-2568
0.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 37 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-2568
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.9
|
LOW | AV:A/AC:M/Au:N/C:P/I:N/A:N |
5.5
|
2.9
|
NIST |
CWE ids for CVE-2014-2568
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-2568
-
http://www.openwall.com/lists/oss-security/2014/03/20/16
oss-security - Re: CVE request -- kernel: net: potential information leak when ubuf backed skbs are skb_zerocopy()iedMailing List;Patch;Third Party Advisory
-
http://seclists.org/oss-sec/2014/q1/627
oss-sec: CVE request -- kernel: net: potential information leak when ubuf backed skbs are skb_zerocopy()iedMailing List;Third Party Advisory
-
https://lkml.org/lkml/2014/3/20/421
LKML: Zoltan Kiss: [PATCH v3] core, nfqueue, openvswitch: Orphan frags in skb_zerocopy and handle errorsExploit;Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2240-1
USN-2240-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1079012
1079012 – (CVE-2014-2568) CVE-2014-2568 kernel: net: potential information leak when ubuf backed skbs are skb_zerocopy()iedIssue Tracking;Third Party Advisory
-
http://www.securityfocus.com/bid/66348
Linux Kernel CVE-2014-2568 Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/91922
Linux Kernel skb_zerocopy() information disclosure CVE-2014-2568 Vulnerability ReportVDB Entry;Third Party Advisory
Jump to