CVE-2014-1690
Summary
| CVE | CVE-2014-1690 |
|---|---|
| State | PUBLISHED |
| Assigner | redhat |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-02-28 06:18:54 UTC |
| Updated | 2026-04-29 01:13:23 UTC |
| Description | The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature. |
Risk And Classification
Primary CVSS: v2.0 2.6 from [email protected]
AV:N/AC:H/Au:N/C:P/I:N/A:N
EPSS: 0.038490000 probability, percentile 0.888710000 (date 2026-07-06)
Problem Types: CWE-200 | n/a
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
HighAuthentication
NoneConfidentiality
PartialIntegrity
NoneAvailability
NoneAV:N/AC:H/Au:N/C:P/I:N/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 13.10 | All | All | All |
| Operating System | Linux | Linux Kernel | All | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| USN-2137-1: Linux kernel (Saucy HWE) vulnerabilities | Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | Third Party Advisory |
| USN-2140-1: Linux kernel vulnerabilities | Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | Third Party Advisory |
| git.kernel.org | af854a3a-2127-422b-91ae-364da2661108 | git.kernel.org | |
| www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8 | af854a3a-2127-422b-91ae-364da2661108 | www.kernel.org | Mailing List, Patch, Vendor Advisory |
| USN-2158-1: Linux kernel (Raring HWE) vulnerabilities | Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | Third Party Advisory |
| Bug 1058748 – CVE-2014-1690 Kernel: netfilter: nf_nat: leakage of uninitialized buffer in IRC NAT helper | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.redhat.com | Issue Tracking, Patch, Third Party Advisory |
| oss-security - Re: CVE request Linux kernel: netfilter: nf_nat: leakage of uninitialized buffer in IRC NAT helper | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List, Patch, Third Party Advisory |
| netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helper · torvalds/linux@2690d97 · GitHub | af854a3a-2127-422b-91ae-364da2661108 | github.com | Exploit, Patch, Third Party Advisory |
| kernel/git/torvalds/linux.git - Linux kernel source tree | MITRE | git.kernel.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.