mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-24 15:54:10 +02:00
0xMarcio
896 B
896 B
CVE-2014-1739
Description
The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.
POC
Reference
- http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html
- http://www.openwall.com/lists/oss-security/2014/06/15/1
Github
No PoCs found on GitHub currently.