CVE-2014-1446
Description
The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call.
Risk Information
Base Score
5.5
MODERATE
Vector
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.154
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-2133-1) linux-image-3.2.0-60-generic_3.2.0-60.91_i386.deb | Linux |
| Linux kernel (USN-2133-1) linux-image-3.2.0-60-generic_3.2.0-60.91_amd64.deb | Linux |
| Linux kernel (USN-2133-1) linux-image-3.2.0-60-virtual_3.2.0-60.91_i386.deb | Linux |
| Linux kernel (USN-2133-1) linux-image-3.2.0-60-virtual_3.2.0-60.91_amd64.deb | Linux |
| Linux kernel (USN-2133-1) linux-image-3.2.0-60-generic-pae_3.2.0-60.91_i386.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234