Vulnerability Database

CVE-2014-9584

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image.

  • Published: Jan 9, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-9584
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 2.1
  • AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

| Software | From | Fixed in |
|---|---|---|
| linux / linux_kernel | - | 3.18.2 |
| redhat / enterprise_linux_desktop | 7.0 | 7.0.x |
| redhat / enterprise_linux_workstation | 7.0 | 7.0.x |
| redhat / enterprise_linux_server | 7.0 | 7.0.x |
| redhat / enterprise_linux_aus | 6.6 | 6.6.x |
| redhat / enterprise_linux_server_eus | 7.2 | 7.2.x |
| redhat / enterprise_linux_server_eus | 7.1 | 7.1.x |
| redhat / enterprise_linux_desktop | 6.0 | 6.0.x |
| redhat / enterprise_linux_server | 6.0 | 6.0.x |
| redhat / enterprise_linux_workstation | 6.0 | 6.0.x |
| redhat / enterprise_linux_eus | 6.6 | 6.6.x |
| redhat / enterprise_linux_server_tus | 7.3 | 7.3.x |
| redhat / enterprise_linux_server_aus | 7.3 | 7.3.x |
| redhat / enterprise_linux_server_aus | 7.4 | 7.4.x |
| redhat / enterprise_linux_server_eus | 7.3 | 7.3.x |
| redhat / enterprise_linux_server_eus | 7.4 | 7.4.x |
| redhat / enterprise_linux_server_eus | 7.5 | 7.5.x |
| redhat / enterprise_linux_server_tus | 7.6 | 7.6.x |
| redhat / enterprise_linux_server_eus | 7.6 | 7.6.x |
| redhat / enterprise_linux_server_aus | 7.6 | 7.6.x |
| redhat / enterprise_linux_server_tus | 6.6 | 6.6.x |
| redhat / enterprise_linux_server_eus | 7.7 | 7.7.x |
| redhat / enterprise_linux_server_aus | 7.7 | 7.7.x |
| redhat / enterprise_linux_server_tus | 7.7 | 7.7.x |
| suse / linux_enterprise_server | 11-sp1 | 11-sp1.x |
| opensuse / evergreen | 11.4 | 11.4.x |
| suse / linux_enterprise_real_time_extension | 11-sp3 | 11-sp3.x |
| suse / linux_enterprise_server | 11-sp2 | 11-sp2.x |
| suse / linux_enterprise_workstation_extension | 12 | 12.x |
| suse / linux_enterprise_server | 10-sp4 | 10-sp4.x |
| opensuse / opensuse | 13.1 | 13.1.x |
| suse / linux_enterprise_server | 12 | 12.x |
| suse / linux_enterprise_software_development_kit | 12 | 12.x |
| suse / linux_enterprise_desktop | 12 | 12.x |
| debian / debian_linux | 8.0 | 8.0.x |
| debian / debian_linux | 7.0 | 7.0.x |
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| canonical / ubuntu_linux | 14.10 | 14.10.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| canonical / ubuntu_linux | 10.04 | 10.04.x |
| oracle / linux | 5 | 5.x |