The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Information
Published : 2014-06-23 04:21
Updated : 2020-08-19 12:18
NVD link : CVE-2014-1739
Mitre link : CVE-2014-1739
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
suse
- suse_linux_enterprise_desktop
- suse_linux_enterprise_server
- linux_enterprise_high_availability_extension
canonical
- ubuntu_linux
linux
- linux_kernel