CVE-2014-3185
Published Sep 28, 2014
Last updated 8 months ago
Overview
- Description
- Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response.
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08F5EF97-E1B9-46F0-979B-E77F62DD8DB1",
"versionEndExcluding": "3.2.63"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95E0847B-5988-4925-98FF-29EEE803ECC7",
"versionEndExcluding": "3.4.104",
"versionStartIncluding": "3.3"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9ACBC23-0CDB-475C-A567-6A4D9F322B31",
"versionEndExcluding": "3.10.54",
"versionStartIncluding": "3.5"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BBF71F21-E234-4CDD-87E7-D0F9ADDEFAD3",
"versionEndExcluding": "3.12.29",
"versionStartIncluding": "3.11"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E47EF9D-62CE-4AF1-A8C9-14E0D9AB3A76",
"versionEndExcluding": "3.14.18",
"versionStartIncluding": "3.13"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DAD07BE-4260-45D8-A744-53DE4E3DC346",
"versionEndExcluding": "3.16.2",
"versionStartIncluding": "3.15"
}
],
"operator": "OR"
}
]
}
]