Vulnerability Name:

CVE-2014-8612 (CCN-100600)

Assigned:2014-11-04
Published:2015-01-27
Updated:2018-10-09
Summary:Multiple array index errors in the Stream Control Transmission Protocol (SCTP) module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to (1) gain privileges via the stream id to the setsockopt function, when setting the SCTIP_SS_VALUE option, or (2) read arbitrary kernel memory via the stream id to the getsockopt function, when getting the SCTP_SS_PRIORITY option.
CVSS v3 Severity:9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.4 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-264
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2014-8612

Source: CCN
Type: Full Disclosure Mailing List, Tue, 27 Jan 2015 17:52:19 -0300
[CORE-2015-0003] - FreeBSD Kernel Multiple Vulnerabilities

Source: FULLDISC
Type: Exploit
20150127 [CORE-2015-0003] - FreeBSD Kernel Multiple Vulnerabilities

Source: MISC
Type: Exploit
http://www.coresecurity.com/advisories/freebsd-kernel-multiple-vulnerabilities

Source: BUGTRAQ
Type: UNKNOWN
20150127 [CORE-2015-0003] - FreeBSD Kernel Multiple Vulnerabilities

Source: BID
Type: UNKNOWN
72342

Source: CCN
Type: BID-72342
FreeBSD CVE-2014-8612 Local Privilege Escalation Vulnerability

Source: SECTRACK
Type: Exploit
1031648

Source: XF
Type: UNKNOWN
freebsd-cve20148612-priv-esc(100600)

Source: CCN
Type: Packet Storm Security [01-28-2015]
FreeBSD Kernel Crash / Code Execution / Disclosure

Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-15:02.kmem
SCTP SCTP_SS_VALUE kernel memory corruption and disclosure

Source: FREEBSD
Type: Vendor Advisory
FreeBSD-SA-15:02

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-8612

Vulnerable Configuration:Configuration 1:
  • cpe:/o:freebsd:freebsd:8.4:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:9.3:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:10.0:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:10.1:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:freebsd:freebsd:10.0:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:8.4:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:9.3:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:10.1:-:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    freebsd freebsd 8.4
    freebsd freebsd 9.3
    freebsd freebsd 10.0
    freebsd freebsd 10.1
    freebsd freebsd 10.0
    freebsd freebsd 8.4
    freebsd freebsd 9.3 -
    freebsd freebsd 10.1 -