CVE-2014-0131

Published: Mar 24, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=1074589

x_refsource_CONFIRM

[netdev] 20140310 [PATCH 0/5] skbuff: fix skb_segment with zero copy skbs

mailing-list

x_refsource_MLIST

SUSE-SU-2015:0481

vendor-advisory

x_refsource_SUSE

https://github.com/torvalds/linux/commit/1fd819ecb90cc9b822cd84d3056ddba315d3340f

x_refsource_CONFIRM

openSUSE-SU-2015:0566

vendor-advisory

x_refsource_SUSE

[netdev] 20140310 [PATCH 5/5] skbuff: skb_segment: orphan frags before copying

mailing-list

x_refsource_MLIST

[oss-security] 20140310 CVE-2014-0131 -- kernel: net: use-after-free during segmentation with zerocopy

mailing-list

x_refsource_MLIST

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1fd819ecb90cc9b822cd84d3056ddba315d3340f

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-0131

Description

Affected Products

References