Vulnerability Details : CVE-2014-3182
Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device that provides a malformed REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value.
Vulnerability category: Execute code, Denial of service
Products affected by CVE-2014-3182
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Threat overview for CVE-2014-3182
Top open port discovered on systems with this issue: 49152
IPs affected by CVE-2014-3182: 16,893
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2014-3182
0.14%: probability of exploitation activity in the next 30 days
~ 31%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-3182
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9 | MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C | 3.4 | 10.0 | NIST | |
CWE ids for CVE-2014-3182
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-3182
- https://github.com/torvalds/linux/commit/ad3e14d7c5268c2e24477c6ef54bbdf88add5d36
  HID: logitech: perform bounds checking on device_id early enough · torvalds/linux@ad3e14d · GitHub (Third Party Advisory)
- http://www.securityfocus.com/bid/69770
  Linux Kernel CVE-2014-3182 'hid-logitech-dj.c' Buffer Overflow Vulnerability (Third Party Advisory; VDB Entry)
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.2
  (Mailing List; VDB Entry)
- https://code.google.com/p/google-security-research/issues/detail?id=89
  89 - Linux kernel hid-logitech-dj.c device_index arbitrary kfree - project-zero - Monorail (Third Party Advisory)
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ad3e14d7c5268c2e24477c6ef54bbdf88add5d36
  kernel/git/torvalds/linux.git - Linux kernel source tree (Patch)
- http://www.openwall.com/lists/oss-security/2014/09/11/21
  oss-security - Multiple Linux USB driver CVE assignment (Mailing List)
- http://rhn.redhat.com/errata/RHSA-2014-1318.html
  RHSA-2014:1318 - Security Advisory - Red Hat Customer Portal (Third Party Advisory; VDB Entry)
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3e14d7c5268c2e24477c6ef54bbdf88add5d36
  (Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=1141210
  1141210 – (CVE-2014-3182) CVE-2014-3182 Kernel: HID: logitech-dj OOB array access (Issue Tracking)