Home

CVE-2014-0131

Description

Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation.

Risk Information

Base Score
6.5
MODERATE
Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.104

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel (USN-2283-1) linux-image-3.2.0-67-generic_3.2.0-67.101_i386.debLinux
Linux kernel (USN-2283-1) linux-image-3.2.0-67-generic_3.2.0-67.101_amd64.debLinux
Linux kernel (USN-2283-1) linux-image-3.2.0-67-virtual_3.2.0-67.101_i386.debLinux
Linux kernel (USN-2283-1) linux-image-3.2.0-67-virtual_3.2.0-67.101_amd64.debLinux
Linux kernel (USN-2283-1) linux-image-3.2.0-67-generic-pae_3.2.0-67.101_i386.debLinux
Linux hardware enablement kernel from Quantal (USN-2285-1) linux-image-3.5.0-54-generic_3.5.0-54.81~precise1_i386.debLinux
Linux hardware enablement kernel from Quantal (USN-2285-1) linux-image-3.5.0-54-generic_3.5.0-54.81~precise1_amd64.debLinux
Linux hardware enablement kernel from Raring (USN-2286-1) linux-image-3.8.0-44-generic_3.8.0-44.66~precise1_i386.debLinux
Linux hardware enablement kernel from Raring (USN-2286-1) linux-image-3.8.0-44-generic_3.8.0-44.66~precise1_amd64.debLinux
Linux hardware enablement kernel from Saucy (USN-2287-1) linux-image-3.11.0-26-generic_3.11.0-26.45~precise1_i386.debLinux
Linux hardware enablement kernel from Saucy (USN-2287-1) linux-image-3.11.0-26-generic_3.11.0-26.45~precise1_amd64.debLinux
Use After Free Vulnerability (CVE-2014-0131)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234