Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2014-4608
HistoryJul 03, 2014 - 12:00 a.m.

CVE-2014-4608

2014-07-0300:00:00
ubuntu.com
ubuntu.com
19

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.4%

JSON

DISPUTED Multiple integer overflows in the lzo1x_decompress_safe
function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the
Linux kernel before 3.15.2 allow context-dependent attackers to cause a
denial of service (memory corruption) via a crafted Literal Run. NOTE: the
author of the LZO algorithms says “the Linux kernel is not affected;
media hype.”

Bugs

Notes

Author Note
jdstrand android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels
jj 206a81c18401c0cde6e579164f752c4b147324ce original commit was incomplete reverted by af958a38a60c7ca3d8a39c918c1baa2ff7b6b233 and replaced by 72cf90124e87d975d0b2114d930808c58b4c05e4, cause of -2 USN update

References

Related

securityvulns 3
f5 2
cve 1
nessus 32
freebsd 1
debiancve 1
prion 1
openvas 29
ubuntu 9
cisa 1
amazon 1
redhat 2
thn 1
veracode 3
centos 1
oraclelinux 1
suse 10
fedora 2
securityvulns
securityvulns
[oss-security] LMS-2014-06-16-2: Linux Kernel LZO
2014-06-28 00:00:00
[USN-2289-1] Linux kernel vulnerabilities
2014-07-21 00:00:00
Linux kernel multiple security vulnerabilities
2014-07-21 00:00:00
f5
f5
K15512 : LZO decompressor vulnerability CVE-2014-4608
2014-08-18 00:00:00
SOL15512 - LZO decompressor vulnerability CVE-2014-4608
2014-08-18 00:00:00
cve
cve
CVE-2014-4608
2014-07-03 04:22:00
nessus
nessus
FreeBSD : LZO -- potential buffer overrun when processing malicious input data (d1f5e12a-fd5a-11e3-a108-080027ef73ec)
2014-06-27 00:00:00
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2416-1)
2014-11-25 00:00:00
Ubuntu 14.10 : linux vulnerabilities (USN-2421-1)
2014-11-25 00:00:00
freebsd
freebsd
LZO -- potential buffer overrun when processing malicious input data
2014-06-25 00:00:00
debiancve
debiancve
CVE-2014-4608
2014-07-03 04:22:00
prion
prion
Integer overflow
2014-07-03 04:22:00
openvas
openvas
Ubuntu: Security Advisory (USN-2415-1)
2022-08-26 00:00:00
Ubuntu: Security Advisory (USN-2416-1)
2022-08-26 00:00:00
Ubuntu: Security Advisory (USN-2421-1)
2022-08-26 00:00:00
ubuntu
ubuntu
Linux kernel (EC2) vulnerabilities
2014-11-25 00:00:00
Linux kernel vulnerability
2014-11-25 00:00:00
Linux kernel vulnerabilities
2014-11-25 00:00:00
cisa
cisa
Vulnerabilities in LZO and LZ4 compression libraries
2014-07-21 00:00:00
amazon
amazon
Medium: kernel
2014-07-09 16:29:00
redhat
redhat
(RHSA-2015:0062) Important: kernel security, bug fix, and enhancement update
2015-01-20 00:00:00
(RHSA-2014:1392) Important: kernel security, bug fix, and enhancement update
2014-10-14 00:00:00
thn
thn
20-Year Old Vulnerability in LZO Compression Algorithm Went to Planet Mars
2014-06-27 05:43:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:12:39
Denial Of Service (DoS)
2019-05-02 05:12:40
Denial Of Service (DoS)
2019-05-02 05:12:40
centos
centos
kernel, perf, python security update
2014-10-20 18:09:23
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2014-10-20 00:00:00
suse
suse
Security update for Linux kernel (important)
2014-12-23 19:06:22
Security update for Linux kernel (important)
2014-12-24 08:08:49
Security update for Real Time Linux Kernel (important)
2015-04-20 21:05:00
fedora
fedora
[SECURITY] Fedora 20 Update: kernel-3.14.9-200.fc20
2014-06-30 10:29:23
[SECURITY] Fedora 19 Update: kernel-3.14.13-100.fc19
2014-07-25 10:08:51

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.4%

JSON
Related for UB:CVE-2014-4608
securityvulns3f52cve1nessus32freebsd1debiancve1prion1openvas29ubuntu9cisa1amazon1redhat2thn1veracode3centos1oraclelinux1suse10fedora2