CVE-2014-1739

Published: June 23, 2014Last modified: April 24, 2024

Description

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.

Status

Product	Release	Package	Status
Alpaquita Linux	Stream	linux-lts	Not affected (6.1.33-r0)

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e6a623460e5fc960ac3ee9f946d3106233fd28d8
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
http://secunia.com/advisories/59597
http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.6
http://www.openwall.com/lists/oss-security/2014/06/15/1
http://www.securityfocus.com/bid/68048
http://www.securitytracker.com/id/1038201
http://www.ubuntu.com/usn/USN-2259-1
http://www.ubuntu.com/usn/USN-2261-1
http://www.ubuntu.com/usn/USN-2263-1
http://www.ubuntu.com/usn/USN-2264-1
https://bugzilla.redhat.com/show_bug.cgi?id=1109774
https://github.com/torvalds/linux/commit/e6a623460e5fc960ac3ee9f946d3106233fd28d8
https://source.android.com/security/bulletin/2017-04-01

Download Alpaquita Linux

Download Liberica JDK

Download Liberica Native Image Kit

Alpaquita Cloud
Native Platform

Pricing

Alpaquita

Containers for Spring Boot

Liberica JDK

Liberica JDK 6&7

Liberica JDK for Embedded

Liberica JDK
Performance Edition

Liberica JDK with CRaC

Liberica Native Image Kit

Liberica Mission Control

Liberica Administration Center

Blog

Documentation

Content Library

Support for Liberica JDK

Support for Alpaquita Linux

Support for Liberica Native Image Kit

Company

Newsroom

CVE-2014-1739

Description

Status

References

Download Alpaquita Linux

Download Liberica JDK

Download Liberica Native Image Kit

Alpaquita Cloud Native Platform

Pricing

Alpaquita

Containers for Spring Boot

Liberica JDK

Liberica JDK 6&7

Liberica JDK for Embedded

Liberica JDKPerformance Edition

Liberica JDK with CRaC

Liberica Native Image Kit

Liberica Mission Control

Liberica Administration Center

Blog

Documentation

Content Library

Support for Liberica JDK

Support for Alpaquita Linux

Support for Liberica Native Image Kit

Company

Newsroom

CVE-2014-1739

Description

Status

References

Alpaquita Cloud
Native Platform

Liberica JDK
Performance Edition