Mailinglist Archive: opensuse-bugs (4283 mails)

< Previous Next >
[Bug 1037307] New: VUL-0: CVE-2014-9940: kernel-source: denial of service (use-after-free) via a crafted application (regulator_ena_gpio_free func in drivers/regulator/core.c)
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Tue, 02 May 2017 23:46:36 +0000
  • Message-id: <bug-1037307-21960@http.bugzilla.opensuse.org/>
http://bugzilla.opensuse.org/show_bug.cgi?id=1037307


Bug ID: 1037307
Summary: VUL-0: CVE-2014-9940: kernel-source: denial of service
(use-after-free) via a crafted application
(regulator_ena_gpio_free func in
drivers/regulator/core.c)
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 42.2
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Security
Assignee: security-team@xxxxxxx
Reporter: mikhail.kasimov@xxxxxxxxx
QA Contact: qa-bugs@xxxxxxx
Found By: ---
Blocker: ---

Ref: https://nvd.nist.gov/vuln/detail/CVE-2014-9940
===================================================
Description

The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux
kernel before 3.19 allows local users to gain privileges or cause a denial of
service (use-after-free) via a crafted application.
===================================================

Hyperlinks

[1]
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=60a2362f769cf549dc466134efe71c8bf9fbaaba

[2]
https://github.com/torvalds/linux/commit/60a2362f769cf549dc466134efe71c8bf9fbaaba

[3] https://source.android.com/security/bulletin/2017-05-01

Please, check, if it is applicable for SUSE-supported kernel-branches.

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >
Follow Ups