Vulnerability Details : CVE-2014-3145
Potential exploit
The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced.
Vulnerability category: Denial of service
Products affected by CVE-2014-3145
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-3145
0.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 24 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-3145
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST |
CWE ids for CVE-2014-3145
-
The product reads data past the end, or before the beginning, of the intended buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-3145
-
https://github.com/torvalds/linux/commit/05ab8f2647e4221cbdb3856dd7d32bd5407316b3
filter: prevent nla extensions to peek beyond the end of the message · torvalds/linux@05ab8f2 · GitHubExploit;Patch;Third Party Advisory
-
http://www.debian.org/security/2014/dsa-2949
Debian -- Security Information -- DSA-2949-1 linuxThird Party Advisory
-
http://www.openwall.com/lists/oss-security/2014/05/09/6
oss-security - Re: CVE request Linux kernel: filter: prevent nla extensions to peek beyond the end of the messageMailing List;Patch;Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2263-1
USN-2263-1: Linux kernel (OMAP4) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://secunia.com/advisories/59311
Sign inNot Applicable
-
http://secunia.com/advisories/58990
Sign inBroken Link
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=05ab8f2647e4221cbdb3856dd7d32bd5407316b3
-
http://linux.oracle.com/errata/ELSA-2014-3052.html
linux.oracle.com | ELSA-2014-3052Third Party Advisory
-
http://secunia.com/advisories/59597
Sign inBroken Link
-
http://www.ubuntu.com/usn/USN-2259-1
USN-2259-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.securityfocus.com/bid/67321
Linux Kernel 'filter.c' CVE-2014-3145 Local Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
http://secunia.com/advisories/60613
Sign inNot Applicable
-
http://www.ubuntu.com/usn/USN-2252-1
USN-2252-1: Linux kernel (EC2) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://source.android.com/security/bulletin/2017-04-01
Android Security Bulletin—April 2017 | Android Open Source ProjectPatch;Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2261-1
USN-2261-1: Linux kernel (Saucy HWE) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2262-1
USN-2262-1: Linux kernel (Quantal HWE) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.securitytracker.com/id/1038201
Google Android Multiple Flaws Let Users Deny Service, Obtain Potentially Sensitive Information, and Gain Elevated Privileges and Let Remote Users Execute Arbitrary Code - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.ubuntu.com/usn/USN-2251-1
USN-2251-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2264-1
USN-2264-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
Jump to