CVE-2014-4027

Description

The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.

CVSS Metrics

• v2.0•LOW•Score: 2.3AV:A/AC:M/Au:S/C:P/I:N/A:N

EPSS Trends

Current EPSS score: 0.09%• Percentile: 26%

Techniques & Countermeasures

• CWE-200•Exposure of Sensitive Information to an Unauthorized Actor

  The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Affected Systems

• canonical•ubuntu_linux

  12.04

• f5•big-ip_access_policy_manager

  ≥ 11.1.0, ≤ 11.6.0 | 12.0.0

• f5•big-ip_advanced_firewall_manager

  ≥ 11.3.0, ≤ 11.6.0 | 12.0.0

• f5•big-ip_analytics

  ≥ 11.1.0, ≤ 11.6.0 | 12.0.0

• f5•big-ip_application_acceleration_manager

  ≥ 11.4.0, ≤ 11.6.0 | 12.0.0

• f5•big-ip_application_security_manager

  ≥ 11.1.0, ≤ 11.6.0 | 12.0.0

• f5•big-ip_domain_name_system

  12.0.0

• f5•big-ip_edge_gateway

  ≥ 11.1.0, ≤ 11.3.0

• f5•big-ip_global_traffic_manager

  ≥ 11.1.0, ≤ 11.6.0

• f5•big-ip_link_controller

  ≥ 11.1.0, ≤ 11.6.0 | 12.0.0

• f5•big-ip_local_traffic_manager

  ≥ 11.1.0, ≤ 11.6.0 | 12.0.0

• f5•big-ip_policy_enforcement_manager

  ≥ 11.3.0, ≤ 11.6.0 | 12.0.0

• f5•big-ip_protocol_security_module

  ≥ 11.1.0, ≤ 11.4.1

• f5•big-ip_wan_optimization_manager

  ≥ 11.1.0, ≤ 11.3.0

• f5•big-ip_webaccelerator

  ≥ 11.1.0, ≤ 11.3.0

• f5•big-iq_application_delivery_controller

  4.5.0

• f5•big-iq_cloud

  ≥ 4.0.0, ≤ 4.5.0

• f5•big-iq_device

  ≥ 4.2.0, ≤ 4.5.0

• f5•big-iq_security

  ≥ 4.0.0, ≤ 4.5.0

• f5•enterprise_manager

  ≥ 3.0.0, ≤ 3.1.1

• linux•linux_kernel

  < 3.14

• redhat•enterprise_linux

  6.0

• suse•linux_enterprise_desktop

  11:sp3

• suse•linux_enterprise_high_availability_extension

  11:sp3

• suse•linux_enterprise_real_time_extension

  11:sp3

• suse•linux_enterprise_server

  11:sp3

References (14)

• http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
• http://secunia.com/advisories/59134
• https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html
• https://bugzilla.redhat.com/show_bug.cgi?id=1108744
• http://www.ubuntu.com/usn/USN-2335-1
• http://www.ubuntu.com/usn/USN-2334-1
• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc
• http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
• http://secunia.com/advisories/60564
• https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc
• http://secunia.com/advisories/59777
• http://secunia.com/advisories/61310
• http://www.openwall.com/lists/oss-security/2014/06/11/1
• http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618