10

CVE-2014-2523

net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 3.2.57
LinuxLinux Kernel Version >= 3.3 < 3.4.86
LinuxLinux Kernel Version >= 3.5 < 3.10.36
LinuxLinux Kernel Version >= 3.11 < 3.12.17
LinuxLinux Kernel Version >= 3.13.0 < 3.13.9
CanonicalUbuntu Linux Version10.04 SwEdition-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.39% 0.951
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.ubuntu.com/usn/USN-2173-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2174-1
Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b22f5126a24b3b2f15448c3f2a254fc10cbc2b92
http://secunia.com/advisories/57446
Third Party Advisory
http://twitter.com/grsecurity/statuses/445496197399461888
Broken Link
http://www.openwall.com/lists/oss-security/2014/03/17/7
Patch
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/66279
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1029945
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1077343
Third Party Advisory
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/91910
Third Party Advisory
VDB Entry
https://github.com/torvalds/linux/commit/b22f5126a24b3b2f15448c3f2a254fc10cbc2b92
Patch
Third Party Advisory