// For flags

CVE-2014-3182

Kernel: HID: logitech-dj OOB array access

Severity Score

6.9
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device that provides a malformed REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value.

Error en el indice del arry en la función logi_dj_raw_event en drivers/hid/hid-logitech-dj.c en el kernel de Linux anterior a 3.16.2 permite a atacantes físicamente próximos ejecutar código arbitrario o causar una denegación de servicio (kfree inválido) a través de un dispositivo manipulado que proporciona un valor REPORT_TYPE_NOTIF_DEVICE_UNPAIRED malformado.

An out-of-bounds read flaw was found in the way the Logitech Unifying receiver driver handled HID reports with an invalid device_index value. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
Attack Vector
Local
Attack Complexity
High
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-05-03 CVE Reserved
  • 2014-09-28 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-12-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
< 3.2.63
Search vendor "Linux" for product "Linux Kernel" and version " < 3.2.63"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.3 < 3.4.104
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.4.104"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.5 < 3.10.54
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.5 < 3.10.54"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.11 < 3.12.28
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.11 < 3.12.28"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.13 < 3.14.18
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 3.14.18"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.15 < 3.16.2
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.15 < 3.16.2"
-
Affected