CVE-2014-2851
Linux Kernel - 'group_info' refcounter Overflow Memory Corruption
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter.
Desbordamiento de enteros en la función ping_init_sock en net/ipv4/ping.c en el kernel de Linux hasta 3.14.1 permite a usuarios locales causar una denegación de servicio (uso después de liberación y caída de sistema) o posiblemente ganar privilegios a través de una aplicación manipulada que aprovecha un contador de referencia manejado indebidamente.
A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-04-11 CVE Reserved
- 2014-04-14 CVE Published
- 2014-04-18 First Exploit
- 2024-08-06 CVE Updated
- 2024-09-06 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-416: Use After Free
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/59386 | Broken Link | |
| http://secunia.com/advisories/59599 | Broken Link | |
| http://www.securityfocus.com/bid/66779 | Third Party Advisory | |
| http://www.securitytracker.com/id/1030769 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/32926 | 2014-04-18 | |
| https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=b04c46190219a4f845e46a459e3102137b7f6cac | 2024-08-06 |
| URL | Date | SRC |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2014/04/11/4 | 2023-12-15 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1086730 | 2014-08-27 | |
| https://lkml.org/lkml/2014/4/10/736 | 2023-12-15 |
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2014/dsa-2926 | 2023-12-15 | |
| https://access.redhat.com/security/cve/CVE-2014-2851 | 2014-08-27 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.0 < 3.2.60 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.0 < 3.2.60" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.3 < 3.4.92 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.4.92" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.5 < 3.10.41 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.5 < 3.10.41" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.11 < 3.12.19 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.11 < 3.12.19" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.13 < 3.14.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 3.14.5" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.0 Search vendor "Linux" for product "Linux Kernel" and version "3.0" | rc1 |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0" | - |
Affected
| ||||||