Vulnerabilities

CVE-2014-4027

by Fred · 23/06/2014

The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.

Date published : 2014-06-23

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc

https://bugzilla.redhat.com/show_bug.cgi?id=1108744

Similar

Tags: Cybersecurity Alert