6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
30.3%
Array index error in the logi_dj_raw_event function in
drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows
physically proximate attackers to execute arbitrary code or cause a denial
of service (invalid kfree) via a crafted device that provides a malformed
REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value.
Author | Note |
---|---|
jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support |
www.openwall.com/lists/oss-security/2014/09/11
code.google.com/p/google-security-research/issues/detail?id=89
launchpad.net/bugs/cve/CVE-2014-3182
nvd.nist.gov/vuln/detail/CVE-2014-3182
security-tracker.debian.org/tracker/CVE-2014-3182
ubuntu.com/security/notices/USN-2376-1
ubuntu.com/security/notices/USN-2377-1
ubuntu.com/security/notices/USN-2394-1
ubuntu.com/security/notices/USN-2395-1
www.cve.org/CVERecord?id=CVE-2014-3182