CVE-2014-8612

NONECVSS 0.0

0.0

Multiple array index errors in the Stream Control Transmission Protocol (SCTP) module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to (1) gain privileges via the stream id to the setsockopt function, when setting the SCTIP_SS_VALUE option, or (2) read arbitrary kernel memory via the stream id to the getsockopt function, when getting the SCTP_SS_PRIORITY option.

🔗 References (12)

cve@mitrehttp://seclists.org/fulldisclosure/2015/Jan/107
cve@mitrehttp://www.coresecurity.com/advisories/freebsd-kernel-multiple-vulnerabilities
cve@mitrehttp://www.securityfocus.com/archive/1/534563/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/72342
cve@mitrehttp://www.securitytracker.com/id/1031648
cve@mitrehttps://www.freebsd.org/security/advisories/FreeBSD-SA-15:02.kmem.asc
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2015/Jan/107
af854a3a-2127-422b-91ae-364da2661108http://www.coresecurity.com/advisories/freebsd-kernel-multiple-vulnerabilities
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/534563/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/72342
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031648
af854a3a-2127-422b-91ae-364da2661108https://www.freebsd.org/security/advisories/FreeBSD-SA-15:02.kmem.asc

Is Your Infrastructure Affected by CVE-2014-8612?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2014-8612

📅 Published

🔄 Last Modified

🔗 References (12)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2014-8612?