Vulnerability Details : CVE-2014-4502
Multiple heap-based buffer overflows in the parse_notify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a (1) large or (2) negative value in the Extranonc2_size parameter in a mining.subscribe response and a crafted mining.notify request.
Vulnerability category: Overflow
Products affected by CVE-2014-4502
- cpe:2.3:a:sgminer_project:sgminer:*:*:*:*:*:*:*:*
- cpe:2.3:a:sgminer_project:sgminer:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:sgminer_project:sgminer:4.1.242:*:*:*:*:*:*:*
- cpe:2.3:a:sgminer_project:sgminer:4.1.153:*:*:*:*:*:*:*
- cpe:2.3:a:sgminer_project:sgminer:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:sgminer_project:sgminer:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:sgminer_project:sgminer:4.1.271:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:*:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-4502
- 0.84%: Probability of exploitation activity in the next 30 days
- ~ 82 %: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-4502
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST | |
CWE ids for CVE-2014-4502
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-4502
- https://github.com/sgminer-dev/sgminer/commit/bac5831b355f916e0696b7bbcccfc51c057b729a
  Bugfix: initiate_stratum: Ensure extranonce2 size is not negative (wh… · sgminer-dev/sgminer@bac5831 · GitHub (Exploit; Patch)
- http://seclists.org/fulldisclosure/2014/Jul/119
  Full Disclosure: CVE-2014-4502 : Invalid Handling of Length Parameter in Stratum mining.notify Message Leads to Heap Overflow
- https://github.com/ckolivas/cgminer/commit/e1c5050734123973b99d181c45e74b2cbb00272e
  Do some random sanity checking for stratum message parsing · ckolivas/cgminer@e1c5050 · GitHub (Exploit; Patch)
- https://github.com/luke-jr/bfgminer/commit/ff7f30129f15f7a2213f8ced0cd65c9a331493d9
  Bugfix: initiate_stratum: Ensure extranonce2 size is not negative (wh… · luke-jr/bfgminer@ff7f301 · GitHub (Exploit; Patch)
- https://github.com/sgminer-dev/sgminer/issues/258
  Extranonce2 size not checked properly · Issue #258 · sgminer-dev/sgminer · GitHub
- http://www.securityfocus.com/bid/68831
  Multiple Products 'parse_notify' Function Heap Based Buffer Overflow Vulnerabilities