Vulnerability Details : CVE-2014-4611
Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715.
Vulnerability category: OverflowMemory CorruptionInput validationDenial of service
Products affected by CVE-2014-4611
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-4611
0.93%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 83 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-4611
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2014-4611
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-4611
-
https://lists.apache.org/thread.html/rf4cb13d6ee891dfe2307389c8c6594a0cb10d9efb72be8bd2f97cb76@%3Ccommon-issues.hadoop.apache.org%3E
[jira] [Commented] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611 - Pony Mail
-
https://lists.apache.org/thread.html/r6c998e1a47c1c3fba61a80d0dcc4b39c7fc452400c7051f685b76c0b@%3Ccommon-issues.hadoop.apache.org%3E
[jira] [Commented] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 - Pony Mail
-
https://lists.apache.org/thread.html/ra72a62803eeabb6a8dc65032ca81b13ab75c271e4dff2df27c2915bb@%3Ccommon-issues.hadoop.apache.org%3E
[jira] [Created] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 - Pony Mail
-
http://twitter.com/djrbliss/statuses/485042901399789568
Dan Rosenberg on Twitter: "Hint: there are none. Only kernel use of LZ4 is ZRAM, which never parses untrusted LZ4. Might affect unknown out-of-tree modules, but relax."Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2014/06/26/24
oss-security - LMS-2014-06-16-5: Linux Kernel LZ4Mailing List;Third Party Advisory
-
http://twitter.com/djrbliss/statuses/484931749013495809
Dan Rosenberg on Twitter: "With all the arguing over whether Linux kernel LZ4 is vuln, why has nobody asked in what situations would Linux parse untrusted LZ4 data?"Third Party Advisory
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=206204a1162b995e2185275167b22468c00d6b36
kernel/git/torvalds/linux.git - Linux kernel source treeVendor Advisory
-
http://lists.opensuse.org/opensuse-updates/2014-07/msg00025.html
openSUSE-SU-2014:0924-1: moderate: eet: fix security issueMailing List;Third Party Advisory
-
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2
Vendor Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1112436
1112436 – (CVE-2014-4611) CVE-2014-4611 lz4: LZ4_decompress_generic() integer overflowIssue Tracking;Third Party Advisory
-
https://lists.apache.org/thread.html/r62f398f40f522cf59cfd89428835d4ca633a9764d82e4b7a12c37add@%3Ccommon-issues.hadoop.apache.org%3E
[jira] [Updated] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 - Pony Mail
-
https://lists.apache.org/thread.html/r0038b5836e3bc91af3ff93721c0fc55d6543afab8cec47df7361fa0e@%3Ccommon-dev.hadoop.apache.org%3E
[jira] [Created] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 - Pony Mail
-
https://lists.apache.org/thread.html/r5c9b4826bbd8933e4688db62f6ed9008cabb8f26bcea84d4e309caf7@%3Ccommon-issues.hadoop.apache.org%3E
[jira] [Updated] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611 - Pony Mail
-
https://code.google.com/p/lz4/source/detail?r=118
GitHub - lz4/lz4: Extremely Fast Compression algorithmThird Party Advisory
-
https://lists.apache.org/thread.html/r31eb601a8415525fa4a77b2f624c09be3550599898468ab96d508f90@%3Ccommon-issues.hadoop.apache.org%3E
[jira] [Comment Edited] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 - Pony Mail
-
https://code.google.com/p/lz4/issues/detail?id=52
Adding support for multiple file processing. Fixes Google code issue 151. by KyleJHarper · Pull Request #52 · lz4/lz4 · GitHubThird Party Advisory
-
http://fastcompression.blogspot.fr/2014/06/debunking-lz4-20-years-old-bug-myth.html
RealTime Data Compression: Debunking the LZ4 "20 years old bug" mythThird Party Advisory
-
https://github.com/torvalds/linux/commit/206204a1162b995e2185275167b22468c00d6b36
lz4: ensure length does not wrap · torvalds/linux@206204a · GitHubThird Party Advisory
-
https://lists.apache.org/thread.html/r8e0111cd64a455b0a33ab12a50fba724a0218f283c759f16da8864c2@%3Ccommon-issues.hadoop.apache.org%3E
[jira] [Commented] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 - Pony Mail
-
https://www.securitymouse.com/lms-2014-06-16-6
Origin DNS error | www.securitymouse.com | CloudflareBroken Link
-
https://lists.apache.org/thread.html/r0addc410fdd680330054deb526323edb29e869e8d1097593f538e208@%3Ccommon-issues.hadoop.apache.org%3E
[jira] [Commented] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611 - Pony Mail
-
https://lists.apache.org/thread.html/r229456b1fa718e329232bd7ceca4bd3e81ac55f2ec4db7314f1d7fcb@%3Ccommon-commits.hadoop.apache.org%3E
[hadoop] branch branch-3.2 updated: HADOOP-17917. Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611. Contributed by Brahma Reddy Battula. - Pony Mail
-
https://lists.apache.org/thread.html/r6794c8ff8f339d95a80415b0afbe71d5eda1b97bdaca19bec78d0f8f@%3Ccommon-commits.hadoop.apache.org%3E
[hadoop] branch branch-3.2.3 updated: HADOOP-17917. Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611. Contributed by Brahma Reddy Battula. - Pony Mail
-
http://www.securitytracker.com/id/1030491
Linux Kernel Integer Overflow in LZ4_decompress_generic() May Let Remote Users Execute Arbitrary Code in Certain Cases - SecurityTrackerThird Party Advisory;VDB Entry
-
https://www.securitymouse.com/lms-2014-06-16-5
Origin DNS error | www.securitymouse.com | CloudflareBroken Link
-
https://lists.apache.org/thread.html/rb301598bf24ecb6f4ce405c2a2ae23905fc4dce64277c020fc3883e5@%3Ccommon-issues.hadoop.apache.org%3E
[jira] [Updated] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 - Pony Mail
-
https://lists.apache.org/thread.html/r35b9f26c8ad91094d37bea0256012aeb065e32ff73dda5f934fefeb3@%3Ccommon-issues.hadoop.apache.org%3E
[jira] [Updated] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 - Pony Mail
-
http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html
The Mouse Trap: Raising Lazarus - The 20 Year Old Bug that Went to MarsThird Party Advisory
Jump to