PT-2014-2024 · Busybox+2 · Busybox+2

Mathias Krause

Publicado

2014-11-19

Atualizado

2024-06-15

CVE-2014-9645

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions BusyBox versions prior to 1.23.0

Description The issue is related to the add probe function in modutils/modprobe.c and is caused by insufficient input validation, allowing local users to bypass restrictions on loading kernel modules by using a / character in a module name. This can be demonstrated through commands such as "ifconfig /usbserial up" or "mount -t /snd pcm none /". The vulnerability affects the integrity of data.

Recommendations For versions prior to 1.23.0, update to version 1.23.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the add probe function until a patch is available. Avoid using the / character in module names to minimize the risk of exploitation.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

BDU:2021-03340

CVE-2014-9645

DLA-1445-1

DLA-2559-1

MGASA-2015-0041

OPENSUSE-SU-2022_4260-1

OPENSUSE-SU-2022_4371-1

OPENSUSE-SU-2024:12415-1

SUSE-SU-2015:1445-1

SUSE-SU-2015_1445-1

SUSE-SU-2022:4253-1

SUSE-SU-2022:4260-1

SUSE-SU-2022:4371-1

SUSE-SU-2022_4260-1

SUSE-SU-2022_4371-1

USN-3935-1

Produtos afetados

Busybox

Suse

Ubuntu

PT-2014-2024 · Busybox+2 · Busybox+2

CVE-2014-9645

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 153