cvelist/2014/1xxx/CVE-2014-1738.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2014-1738",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "[oss-security] 20140509 Linux kernel floppy ioctl kernel code execution",
            "refsource" : "MLIST",
            "url" : "http://www.openwall.com/lists/oss-security/2014/05/09/2"
         },
         {
            "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2145e15e0557a01b9195d1c7199a1b92cb9be81f",
            "refsource" : "CONFIRM",
            "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2145e15e0557a01b9195d1c7199a1b92cb9be81f"
         },
         {
            "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1094299",
            "refsource" : "CONFIRM",
            "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1094299"
         },
         {
            "name" : "https://github.com/torvalds/linux/commit/2145e15e0557a01b9195d1c7199a1b92cb9be81f",
            "refsource" : "CONFIRM",
            "url" : "https://github.com/torvalds/linux/commit/2145e15e0557a01b9195d1c7199a1b92cb9be81f"
         },
         {
            "name" : "http://linux.oracle.com/errata/ELSA-2014-0771.html",
            "refsource" : "CONFIRM",
            "url" : "http://linux.oracle.com/errata/ELSA-2014-0771.html"
         },
         {
            "name" : "http://linux.oracle.com/errata/ELSA-2014-3043.html",
            "refsource" : "CONFIRM",
            "url" : "http://linux.oracle.com/errata/ELSA-2014-3043.html"
         },
         {
            "name" : "DSA-2926",
            "refsource" : "DEBIAN",
            "url" : "http://www.debian.org/security/2014/dsa-2926"
         },
         {
            "name" : "DSA-2928",
            "refsource" : "DEBIAN",
            "url" : "http://www.debian.org/security/2014/dsa-2928"
         },
         {
            "name" : "RHSA-2014:0800",
            "refsource" : "REDHAT",
            "url" : "http://rhn.redhat.com/errata/RHSA-2014-0800.html"
         },
         {
            "name" : "RHSA-2014:0801",
            "refsource" : "REDHAT",
            "url" : "http://rhn.redhat.com/errata/RHSA-2014-0801.html"
         },
         {
            "name" : "SUSE-SU-2014:0667",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
         },
         {
            "name" : "SUSE-SU-2014:0683",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
         },
         {
            "name" : "67302",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/67302"
         },
         {
            "name" : "1030474",
            "refsource" : "SECTRACK",
            "url" : "http://www.securitytracker.com/id/1030474"
         },
         {
            "name" : "59309",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/59309"
         },
         {
            "name" : "59599",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/59599"
         },
         {
            "name" : "59262",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/59262"
         },
         {
            "name" : "59406",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/59406"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve@mitre.org",`
			`"ID" : "CVE-2014-1738",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "n/a",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "[oss-security] 20140509 Linux kernel floppy ioctl kernel code execution",`
			`"refsource" : "MLIST",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.openwall.com/lists/oss-security/2014/05/09/2"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2145e15e0557a01b9195d1c7199a1b92cb9be81f",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2145e15e0557a01b9195d1c7199a1b92cb9be81f"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1094299",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1094299"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://github.com/torvalds/linux/commit/2145e15e0557a01b9195d1c7199a1b92cb9be81f",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://github.com/torvalds/linux/commit/2145e15e0557a01b9195d1c7199a1b92cb9be81f"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://linux.oracle.com/errata/ELSA-2014-0771.html",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://linux.oracle.com/errata/ELSA-2014-0771.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://linux.oracle.com/errata/ELSA-2014-3043.html",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://linux.oracle.com/errata/ELSA-2014-3043.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "DSA-2926",`
			`"refsource" : "DEBIAN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.debian.org/security/2014/dsa-2926"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "DSA-2928",`
			`"refsource" : "DEBIAN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.debian.org/security/2014/dsa-2928"`
			`},`
- Synchronized data. 2017-12-20 15:02:37 -05:00			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "RHSA-2014:0800",`
			`"refsource" : "REDHAT",`
- Synchronized data. 2017-12-20 15:02:37 -05:00			`"url" : "http://rhn.redhat.com/errata/RHSA-2014-0800.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "RHSA-2014:0801",`
			`"refsource" : "REDHAT",`
- Synchronized data. 2017-12-20 15:02:37 -05:00			`"url" : "http://rhn.redhat.com/errata/RHSA-2014-0801.html"`
			`},`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "SUSE-SU-2014:0667",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "SUSE-SU-2014:0683",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "67302",`
			`"refsource" : "BID",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securityfocus.com/bid/67302"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "1030474",`
			`"refsource" : "SECTRACK",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securitytracker.com/id/1030474"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "59309",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/59309"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "59599",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/59599"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "59262",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/59262"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "59406",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/59406"`
			`}`
			`]`
			`}`
			`}`