CVE-2014-2706

Published Apr 14, 2014

Last updated a year ago

Overview

Description: Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.1
Impact score: 6.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-362

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A746AA8-CF9D-4203-BEE4-AA4662977375",
            "versionEndExcluding": "3.2.56"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2869AF87-7E94-4E08-8EF9-8C62F663EC82",
            "versionEndExcluding": "3.4.84",
            "versionStartIncluding": "3.3"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67836467-8BEF-44A1-B031-98EFBA19F38C",
            "versionEndExcluding": "3.10.34",
            "versionStartIncluding": "3.5"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AE2B033-586E-48AC-95DC-880018601DFC",
            "versionEndExcluding": "3.12.15",
            "versionStartIncluding": "3.11"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B13865A2-6E9A-4FFE-A1C2-02B75D66C207",
            "versionEndExcluding": "3.13.7",
            "versionStartIncluding": "3.13"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876"
          },
          {
            "criteria": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44B8FEDF-6CB0-46E9-9AD7-4445B001C158"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3A907A3-2A3A-46D4-8D75-914649877B65"
          },
          {
            "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:-:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD41513F-36F9-459C-A0CB-26C025E63CDD"
          },
          {
            "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9"
          },
          {
            "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References