Lucene search

[email protected]CVE-2014-3183

HistorySep 28, 2014 - 10:55 a.m.

CVE-2014-3183

2014-09-2810:55:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2014-3183

buffer overflow

logitech

linux kernel

denial of service

nvd

security vulnerability

7.9 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

33.5%

JSON

Heap-based buffer overflow in the logi_dj_ll_raw_request function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that specifies a large report size for an LED report.

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt3.16.2

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	3.16.2

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=51217e69697fba92a06e07e16f55c9a52d8e8945

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.2

www.openwall.com/lists/oss-security/2014/09/11/21

bugzilla.redhat.com/show_bug.cgi?id=1141344

code.google.com/p/google-security-research/issues/detail?id=90

github.com/torvalds/linux/commit/51217e69697fba92a06e07e16f55c9a52d8e8945

7.9 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

33.5%

JSON

Related for CVE-2014-3183

ubuntucve1 prion1 debiancve1 f52 openvas2 nessus2