CVE-2014-3186
Kernel: HID: memory corruption via OOB write
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that sends a large report.
Desbordamiento de buffer en la función picolcd_raw_event en devices/hid/hid-picolcd_core.c en el controlador de dispositivos PicoLCD HID en el kernel de Linux hasta 3.16.3, utilizado en Android en los dispositivos Nexus 7, permite a atacantes físicamente próximos causar una denegación de servicio (caída del sistema) o posiblemente ejecutar código arbitrario a través de un dispositivo manipulado que envía un informe grande.
A buffer overflow flaw was found in the way the Minibox PicoLCD driver handled Human Interface Device (HID) reports with an invalid size. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-05-03 CVE Reserved
- 2014-09-28 CVE Published
- 2024-08-06 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-787: Out-of-bounds Write
CAPEC
References (13)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2014/09/11/22 | Mailing List |
|
| http://www.securityfocus.com/bid/69763 | Third Party Advisory | |
| https://code.google.com/p/google-security-research/issues/detail?id=101 | Third Party Advisory | |
| https://github.com/torvalds/linux/commit/844817e47eef14141cf59b8d5ac08dd11c0a9189 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.35 < 3.2.63 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.35 < 3.2.63" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.3 < 3.4.104 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.4.104" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.5 < 3.10.56 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.5 < 3.10.56" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.11 < 3.12.31 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.11 < 3.12.31" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.13 < 3.14.20 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 3.14.20" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.15 < 3.16.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.15 < 3.16.4" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | esm |
Affected
| ||||||