Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-7284
HistoryOct 13, 2014 - 10:55 a.m.

CVE-2014-7284

2014-10-1310:55:08
CWE-200
[email protected]
web.nvd.nist.gov
35
cve-2014-7284
net_get_random_once
linux kernel
intel processors
ip communication
tcp sequence numbers
udp port numbers
ip id values
nvd
security vulnerability

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

5 Medium

AI Score

Confidence

High

0.025 Low

EPSS

Percentile

90.1%

JSON

The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by leveraging the predictability of TCP sequence numbers, TCP and UDP port numbers, and IP ID values.

Affected configurations

NVD
Node
linuxlinux_kernelMatch3.13.1
OR
linuxlinux_kernelMatch3.13.2
OR
linuxlinux_kernelMatch3.13.3
OR
linuxlinux_kernelMatch3.13.4
OR
linuxlinux_kernelMatch3.13.5
OR
linuxlinux_kernelMatch3.13.6
OR
linuxlinux_kernelMatch3.13.7
OR
linuxlinux_kernelMatch3.13.8
OR
linuxlinux_kernelMatch3.13.9
OR
linuxlinux_kernelMatch3.13.10
OR
linuxlinux_kernelMatch3.13.11
OR
linuxlinux_kernelMatch3.14.1
OR
linuxlinux_kernelMatch3.14.2
OR
linuxlinux_kernelMatch3.14.3
OR
linuxlinux_kernelMatch3.14.4

Related

debiancve 1
ubuntucve 1
cvelist 1
f5 2
prion 1
nvd 1
openvas 5
mageia 3
ubuntu 2
nessus 1
debiancve
debiancve
CVE-2014-7284
2014-10-13 10:55:08
ubuntucve
ubuntucve
CVE-2014-7284
2014-10-13 00:00:00
cvelist
cvelist
CVE-2014-7284
2014-10-13 10:00:00
f5
f5
K15795 : Linux kernel vulnerability CVE-2014-7284
2014-11-06 00:00:00
SOL15795 - Linux kernel vulnerability CVE-2014-7284
2014-11-06 00:00:00
prion
prion
Design/Logic Flaw
2014-10-13 10:55:00
nvd
nvd
CVE-2014-7284
2014-10-13 10:55:08
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0455)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2014-0452)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2014-0451)
2022-01-28 00:00:00
mageia
mageia
Updated kernel-vserver packages fix security vulnerabilities
2014-11-15 21:31:46
Updated kernel-tmb packages fix security vulnerabilities
2014-11-15 21:31:46
Updated kernel-linus packages fix security vulnerabilities
2014-11-15 21:31:46
ubuntu
ubuntu
Linux kernel (Trusty HWE) vulnerabilities
2014-07-17 00:00:00
Linux kernel vulnerabilities
2014-07-17 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2290-1)
2014-07-17 00:00:00

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

5 Medium

AI Score

Confidence

High

0.025 Low

EPSS

Percentile

90.1%

JSON
Related for CVE-2014-7284
debiancve1ubuntucve1cvelist1f52prion1nvd1openvas5mageia3ubuntu2nessus1