CVE-2014-2568 on Ubuntu 12.04 LTS (precise) - medium.
Description:
Use-after-free vulnerability in the nfqnl_zcopy function in net/netfilter/nfnetlink_queue_core.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. NOTE: the affected code was moved to the skb_zerocopy function in net/core/skbuff.c before the vulnerability was announced. An information leak was discovered in the netfilter subsystem of the Linux kernel. An attacker could exploit this flaw to obtain sensitive information from kernel memory.