CVE-2014-0484

NameCVE-2014-0484
DescriptionThe Debian acpi-support package before 0.140-5+deb7u3 allows local users to gain privileges via vectors related to the "user's environment."
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-49-1, DSA-3020-1
NVD severityhigh (attack range: local)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
acpi-support (PTS)wheezy, wheezy (security)0.140-5+deb7u3fixed
jessie0.142-6fixed
buster, stretch, sid0.142-8fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
acpi-supportsource(unstable)0.142-4high
acpi-supportsourcesqueeze0.137-5+deb6u2highDLA-49-1
acpi-supportsourcewheezy0.140-5+deb7u3highDSA-3020-1

Search for package or bug name: Reporting problems