Unrated severityNVD Advisory· Published Jun 23, 2014· Updated May 6, 2026
CVE-2014-1739
CVE-2014-1739
Description
The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.
Affected products
7cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*+ 1 more
- cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
15- lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.htmlnvd
- secunia.com/advisories/59597nvd
- speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.htmlnvd
- www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.6nvd
- www.openwall.com/lists/oss-security/2014/06/15/1nvd
- www.securityfocus.com/bid/68048nvd
- www.securitytracker.com/id/1038201nvd
- www.ubuntu.com/usn/USN-2259-1nvd
- www.ubuntu.com/usn/USN-2261-1nvd
- www.ubuntu.com/usn/USN-2263-1nvd
- www.ubuntu.com/usn/USN-2264-1nvd
- bugzilla.redhat.com/show_bug.cginvd
- github.com/torvalds/linux/commit/e6a623460e5fc960ac3ee9f946d3106233fd28d8nvd
- source.android.com/security/bulletin/2017-04-01nvd
News mentions
0No linked articles in our index yet.