CVE-2014-3182
Kernel: HID: logitech-dj OOB array access
Public Exploits: 0
Exploited in Wild: -
Descriptions
Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device that provides a malformed REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value.
An out-of-bounds read flaw was found in the way the Logitech Unifying receiver driver handled HID reports with an invalid device_index value. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system.
Timeline
- 2014-05-03 CVE Reserved
- 2014-09-28 CVE Published
- 2024-08-06 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
References (9)
URL | Tag | Source |
---|---|---|
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3e14d7c5268c2e24477c6ef54bbdf88add5d36 | Third Party Advisory | |
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.2 | Mailing List | |
http://www.openwall.com/lists/oss-security/2014/09/11/21 | Mailing List | |
http://www.securityfocus.com/bid/69770 | Third Party Advisory | |
https://code.google.com/p/google-security-research/issues/detail?id=89 | Third Party Advisory | |
https://github.com/torvalds/linux/commit/ad3e14d7c5268c2e24477c6ef54bbdf88add5d36 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2014-1318.html | 2023-12-29 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1141210 | 2014-12-09 | |
https://access.redhat.com/security/cve/CVE-2014-3182 | 2014-12-09 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Linux | Linux Kernel | < 3.2.63 | - | Affected |
Linux | Linux Kernel | >= 3.3 < 3.4.104 | - | Affected |
Linux | Linux Kernel | >= 3.5 < 3.10.54 | - | Affected |
Linux | Linux Kernel | >= 3.11 < 3.12.28 | - | Affected |
Linux | Linux Kernel | >= 3.13 < 3.14.18 | - | Affected |
Linux | Linux Kernel | >= 3.15 < 3.16.2 | - | Affected |