{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-03-10T00:00:00", "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-03-24T16:57:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1074589"}, {"name": "[netdev] 20140310 [PATCH 0/5] skbuff: fix skb_segment with zero copy skbs", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.spinics.net/lists/netdev/msg274250.html"}, {"name": "SUSE-SU-2015:0481", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/1fd819ecb90cc9b822cd84d3056ddba315d3340f"}, {"name": "openSUSE-SU-2015:0566", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"}, {"name": "[netdev] 20140310 [PATCH 5/5] skbuff: skb_segment: orphan frags before copying", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.spinics.net/lists/netdev/msg274316.html"}, {"name": "[oss-security] 20140310 CVE-2014-0131 -- kernel: net: use-after-free during segmentation with zerocopy", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/03/10/4"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1fd819ecb90cc9b822cd84d3056ddba315d3340f"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:05:38.966Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1074589"}, {"name": "[netdev] 20140310 [PATCH 0/5] skbuff: fix skb_segment with zero copy skbs", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.spinics.net/lists/netdev/msg274250.html"}, {"name": "SUSE-SU-2015:0481", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/1fd819ecb90cc9b822cd84d3056ddba315d3340f"}, {"name": "openSUSE-SU-2015:0566", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"}, {"name": "[netdev] 20140310 [PATCH 5/5] skbuff: skb_segment: orphan frags before copying", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.spinics.net/lists/netdev/msg274316.html"}, {"name": "[oss-security] 20140310 CVE-2014-0131 -- kernel: net: use-after-free during segmentation with zerocopy", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/03/10/4"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1fd819ecb90cc9b822cd84d3056ddba315d3340f"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0131", "datePublished": "2014-03-24T10:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T09:05:38.966Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AACBAF47-C734-432C-AB3B-5BD4474107E6", "versionEndIncluding": "3.13.6", "versionStartIncluding": "3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*", "matchCriteriaId": "CCE4D64E-8C4B-4F21-A9B0-90637C85C1D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", "matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation."}, {"lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en la funci\u00f3n skb_segment en net/core/skbuff.c en el kernel de Linux hasta 3.13.6 permite a atacantes obtener informaci\u00f3n sensible de la memoria del kernel mediante el aprovechamiento de la ausencia de cierta operaci\u00f3n hu\u00e9rfana."}], "id": "CVE-2014-0131", "lastModified": "2023-02-13T00:32:38.900", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 5.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-03-24T16:40:48.093", "references": [{"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1fd819ecb90cc9b822cd84d3056ddba315d3340f"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2014/03/10/4"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.spinics.net/lists/netdev/msg274250.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.spinics.net/lists/netdev/msg274316.html"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1074589"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/torvalds/linux/commit/1fd819ecb90cc9b822cd84d3056ddba315d3340f"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Michael S. Tsirkin (Red Hat).", "bugzilla": {"description": "kernel: net: use-after-free during segmentation with zerocopy", "id": "1074589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1074589"}, "csaw": false, "cvss": {"cvss_base_score": "2.9", "cvss_scoring_vector": "AV:A/AC:M/Au:N/C:P/I:N/A:N", "status": "draft"}, "cwe": "CWE-416", "details": ["Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation."], "name": "CVE-2014-0131", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:rhel_eus:6.4", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux Extended Update Support 6.4"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2014-03-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-0131\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-0131"], "statement": "This issue does not affect Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.\nThis issue affects the Linux kernel package as shipped with Red Hat Enterprise Linux 6. \nRed Hat Product Security has rated this issue as having Low security impact. The risks and engineering effort associated with fixing this bug are greater\nthan its security impact. This issue is not currently planned to be addressed\nin future kernel updates for Red Hat Enterprise Linux 6. For additional\ninformation, refer to the Issue Severity Classification: \nhttps://access.redhat.com/security/updates/classification/.", "threat_severity": "Low"}