Bug 505680 (CVE-2014-0069)

Summary:	Kernel: cifs: incorrect handling of bogus user pointers during uncached writes (CVE-2014-0069)
Product:	Gentoo Security	Reporter:	Agostino Sarubbo <ago>
Component:	Kernel	Assignee:	Gentoo Kernel Security <security-kernel>
Status:	RESOLVED FIXED
Severity:	normal	CC:	kernel
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description Agostino Sarubbo gentoo-dev

2014-03-25 12:06:36 UTC

CVE-2014-0069 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0069):

The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly 
handle uncached write operations that copy fewer than the requested number of bytes, which allows local 
users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and 
system crash), or possibly gain privileges via a writev system call with a crafted pointer.

Comment 1 GLSAMaker/CVETool Bot gentoo-dev

2014-08-10 22:04:56 UTC

CVE-2014-0069 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0069):
  The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through
  3.13.5 does not properly handle uncached write operations that copy fewer
  than the requested number of bytes, which allows local users to obtain
  sensitive information from kernel memory, cause a denial of service (memory
  corruption and system crash), or possibly gain privileges via a writev
  system call with a crafted pointer.

Comment 2 John Helmert III archtester

2022-03-25 21:46:31 UTC

Fix in 3.14, https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f