CVE-2014-0181

Published: Apr 27, 2014Modified: May 6, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program.

Affected (8)

Products: Linux: Linux Kernel · Opensuse: Evergreen · Redhat: Enterprise Linux Desktop, Enterprise Linux Server · +1 more

Show all products

Linux: Linux Kernel · Opensuse: Evergreen · Redhat: Enterprise Linux Desktop, Enterprise Linux Server · Suse: Linux Enterprise Real Time Extension, Linux Enterprise Server, Suse Linux Enterprise Server

1 product

1 product

2 products

Enterprise Linux Desktop

Enterprise Linux Server

3 products

Linux Enterprise Real Time Extension

Linux Enterprise Server

Suse Linux Enterprise Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Up to 3.14.1

Configuration B

7 vulnerable

Vulnerable Software	Affected Versions
Opensuse Evergreen	Version 11.4
Redhat Enterprise Linux Desktop	Version 5
Redhat Enterprise Linux Server	Version 5.0
Suse Linux Enterprise Real Time Extension	Version 11 sp3
Suse Linux Enterprise Server	Version 10 sp4
Suse Linux Enterprise Server	Version 11 sp1
Suse Suse Linux Enterprise Server	Version 11

Related CWEs

References (24)

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html

Source: secalert@redhat.com

Third Party Advisory

http://marc.info/?l=linux-netdev&m=139828832919748&w=2

Source: secalert@redhat.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2014-1959.html

Source: secalert@redhat.com

Third Party Advisory

http://www.openwall.com/lists/oss-security/2014/04/23/6

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2023/04/16/3

Source: secalert@redhat.com

https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=90f62cf30a78721641e08737bda787552428061e

Source: secalert@redhat.com

PatchVendor Advisory

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.45

Source: secalert@redhat.com

Release NotesVendor Advisory

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.9

Source: secalert@redhat.com

Release NotesVendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://marc.info/?l=linux-netdev&m=139828832919748&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2014-1959.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.openwall.com/lists/oss-security/2014/04/23/6

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2023/04/16/3

Source: af854a3a-2127-422b-91ae-364da2661108

https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=90f62cf30a78721641e08737bda787552428061e

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.45

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.9

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

Timeline

No history available yet.