CVE-2014-4943
published 2014-07-19CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences…
medium6.9CVSS 3.1
AVLACMAuNCCICAC
EXPLOIT
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 3.14.13-1 (bookworm) | linux 3.14.13-1 (bookworm) |
| linux | linux_kernel | >= 0 < 3.14.13-1 | 3.14.13-1 |
| linux | linux_kernel | >= 0 < 3.14.13-1 | 3.14.13-1 |
| linux | linux_kernel | >= 0 < 3.14.13-1 | 3.14.13-1 |
| linux | linux_kernel | >= 0 < 3.14.13-1 | 3.14.13-1 |
| linux | linux_kernel | >= 0 < 3.13.0-32.57 | 3.13.0-32.57 |
| linux | linux_kernel | >= 2.6.23 < 3.2.62 | 3.2.62 |
| linux | linux_kernel | >= 3.11 < 3.12.27 | 3.12.27 |
| linux | linux_kernel | >= 3.13 < 3.14.16 | 3.14.16 |
| linux | linux_kernel | >= 3.15 < 3.15.9 | 3.15.9 |
| linux | linux_kernel | >= 3.3 < 3.4.102 | 3.4.102 |
| linux | linux_kernel | >= 3.5 < 3.10.52 | 3.10.52 |
| opensuse | opensuse | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| suse | linux_enterprise_desktop | — | — |
| suse | linux_enterprise_server | — | — |
CVSS provenance
nvd6.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C
osv6.9MEDIUM