Base Score

HIGH7.8

CVE-2014-9114

Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.

VectorLOCAL

Published Bycve@mitre.org

Published DateMar 31, 2017, 16:59

Weakness Type (CWE):CWE-77

CVSS Metrics

Base Score

7.8

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH

References

http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145188.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-December/146229.html
http://lists.opensuse.org/opensuse-updates/2015-01/msg00035.html
http://www.openwall.com/lists/oss-security/2014/11/26/21
http://www.securityfocus.com/bid/71327
https://bugzilla.redhat.com/show_bug.cgi?id=1168485
https://exchange.xforce.ibmcloud.com/vulnerabilities/98993
https://github.com/karelzak/util-linux/commit/89e90ae7b2826110ea28c1c0eb8e7c56c3907bdc
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
https://security.gentoo.org/glsa/201612-14

Base Score

HIGH7.8

Weakness Type (CWE):CWE-77

CVSS Metrics

Base Score

7.8

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH