CVE-2014-4027
The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0009 (0.1%)
Percentile: 25.4%
EPSS: 2026-05-06
Affects
linux:linux_kernelredhat:enterprise_linuxcanonical:ubuntu_linuxsuse:linux_enterprise_desktopsuse:linux_enterprise_high_availability_extensionsuse:linux_enterprise_real_time_extensionsuse:linux_enterprise_serverf5:big-ip_access_policy_managerf5:big-ip_advanced_firewall_managerf5:big-ip_analyticsf5:big-ip_application_acceleration_managerf5:big-ip_application_security_managerf5:big-ip_domain_name_systemf5:big-ip_edge_gatewayf5:big-ip_global_traffic_managerf5:big-ip_link_controllerf5:big-ip_local_traffic_managerf5:big-ip_policy_enforcement_managerf5:big-ip_protocol_security_modulef5:big-ip_wan_optimization_managerf5:big-ip_webacceleratorf5:big-iq_application_delivery_controllerf5:big-iq_cloudf5:big-iq_devicef5:big-iq_securityf5:enterprise_managerTechnical description
The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.
Published: 6/23/2014, 11:21:18 AM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc
- http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
- http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618
- http://secunia.com/advisories/59134
- http://secunia.com/advisories/59777
- http://secunia.com/advisories/60564
- http://secunia.com/advisories/61310