CVE-2014-2851
Published Apr 14, 2014
Last updated a year ago
Overview
- Description
- Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-416
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43B40873-52BD-48B6-AC1D-02722B2F628C",
"versionEndExcluding": "3.2.60",
"versionStartIncluding": "3.0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB7FAE85-A7F7-403F-B3F8-51D26A7AD5CF",
"versionEndExcluding": "3.4.92",
"versionStartIncluding": "3.3"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F679CA52-B924-4498-BD5A-6B52D03EBBAE",
"versionEndExcluding": "3.10.41",
"versionStartIncluding": "3.5"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB10EE4B-C72C-4D4C-AEC7-A8685137AB75",
"versionEndExcluding": "3.12.19",
"versionStartIncluding": "3.11"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80087996-AEE9-4831-B60E-6E022036FF11",
"versionEndExcluding": "3.14.5",
"versionStartIncluding": "3.13"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D30AEC07-3CBD-4F4F-9646-BEAA1D98750B"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
}
],
"operator": "OR"
}
]
}
]