6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
34.4%
Multiple stack-based buffer overflows in the magicmouse_raw_event function
in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux
kernel through 3.16.3 allow physically proximate attackers to cause a
denial of service (system crash) or possibly execute arbitrary code via a
crafted device that provides a large amount of (1) EHCI or (2) XHCI data
associated with an event.
Author | Note |
---|---|
jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support |
www.openwall.com/lists/oss-security/2014/09/11
code.google.com/p/google-security-research/issues/detail?id=100
git.kernel.org/linus/c54def7bd64d7c0b6993336abcffb8444795bf38
launchpad.net/bugs/cve/CVE-2014-3181
nvd.nist.gov/vuln/detail/CVE-2014-3181
security-tracker.debian.org/tracker/CVE-2014-3181
ubuntu.com/security/notices/USN-2376-1
ubuntu.com/security/notices/USN-2377-1
ubuntu.com/security/notices/USN-2378-1
ubuntu.com/security/notices/USN-2379-1
www.cve.org/CVERecord?id=CVE-2014-3181