Oval Definition:oval:com.ubuntu.precise:def:20142568000
Revision Date:2014-03-24Version:1
Title:CVE-2014-2568 on Ubuntu 12.04 LTS (precise) - medium.
Description:Use-after-free vulnerability in the nfqnl_zcopy function in net/netfilter/nfnetlink_queue_core.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. NOTE: the affected code was moved to the skb_zerocopy function in net/core/skbuff.c before the vulnerability was announced. An information leak was discovered in the netfilter subsystem of the Linux kernel. An attacker could exploit this flaw to obtain sensitive information from kernel memory.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2014-2568
Platform(s):Ubuntu 12.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 12.04 LTS (precise) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'linux' package in precise is not affected.
  • OR NOT While related to the CVE in some way, the 'linux-armadaxp' package in precise is not affected.
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
  • OR NOT While related to the CVE in some way, the 'linux-lts-quantal' package in precise is not affected.
  • OR NOT While related to the CVE in some way, the 'linux-lts-raring' package in precise is not affected.
  • OR The 'linux-lts-saucy' package in precise was vulnerable but has been fixed (note: '3.11.0-23.40~precise1').
  • OR The 'linux-lts-trusty' package in precise was vulnerable but has been fixed (note: '3.13.0-29.53~precise1').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
  • OR NOT While related to the CVE in some way, the 'linux-ti-omap4' package in precise is not affected.
  • BACK