Vulnerability CVE-2014-2672

Vulnerability Name:

CVE-2014-2672 (CCN-92114)

Assigned:

2014-02-20

Published:

2014-02-20

Updated:

2023-05-19

Summary:

CVSS v3 Severity:

6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

7.1 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

5.4 Medium (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C)
4.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2014-2672

Source: cve@mitre.org
Type: Patch, Vendor Advisory
cve@mitre.org

Source: CCN
Type: RHSA-2014-0981
Important: kernel security, bug fix, and enhancement update

Source: CCN
Type: RHSA-2014-1023
Important: kernel security and bug fix update

Source: CCN
Type: RHSA-2014-1101
Important: kernel security and bug fix update

Source: CCN
Type: SA57468
Linux Kernel ath9k "ath_tx_aggr_sleep()" Race Condition Vulnerability

Source: cve@mitre.org
Type: Release Notes, Vendor Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Mailing List, Patch, Third Party Advisory
cve@mitre.org

Source: CCN
Type: BID-66492
Linux Kernel 'drivers/net/wireless/ath/ath9k/xmit.c' Denial of Service Vulnerability

Source: cve@mitre.org
Type: Third Party Advisory, VDB Entry
cve@mitre.org

Source: CCN
Type: Kernel Bug Tracker - Bug 70551
kernel crash on ath9k under heavy load

Source: cve@mitre.org
Type: Issue Tracking, Patch, Vendor Advisory
cve@mitre.org

Source: XF
Type: UNKNOWN
linux-kernel-cve20142672-dos(92114)

Source: CCN
Type: Linux Kernel GIT Repository
ath9k: protect tid->sched check

Source: cve@mitre.org
Type: Patch, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Release Notes, Vendor Advisory
cve@mitre.org

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 10:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/o:linux:linux_kernel:3.12.14:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:3.13.6:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation:7:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20142672	V	CVE-2014-2672	2022-09-02
oval:org.opensuse.security:def:55282	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:55960	P	Security update for MozillaFirefox (Important)	2021-10-15
oval:org.opensuse.security:def:55879	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP2) (Important)	2021-04-12
oval:org.opensuse.security:def:55841	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP2) (Important)	2021-02-10
oval:org.opensuse.security:def:27198	P	libmysql55client18-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28253	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27624	P	Security update for inn	2020-12-01
oval:org.opensuse.security:def:54837	P	libXpm4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29073	P	Security update for compat-wireless, compat-wireless-debuginfo, compat-wireless-debugsource, compat-wireless-kmp-default, compat-wireless-kmp-pae, compat-wireless-kmp-trace, compat-wireless-kmp-xen	2020-12-01
oval:org.opensuse.security:def:27634	P	Security update for libgcrypt	2020-12-01
oval:org.opensuse.security:def:27974	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:27197	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55767	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:28200	P	Security update for libgcrypt (Moderate)	2020-12-01
oval:org.opensuse.security:def:27540	P	ppp-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54599	P	libruby2_1-2_1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29038	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:27623	P	Security update for inkscape	2020-12-01
oval:org.opensuse.security:def:27930	P	Security update for GraphicsMagick (Low)	2020-12-01
oval:org.opensuse.security:def:55675	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:28049	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:27483	P	libsmi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:57310	P	Security update for compat-wireless, compat-wireless-debuginfo, compat-wireless-debugsource, compat-wireless-kmp-default, compat-wireless-kmp-pae, compat-wireless-kmp-trace, compat-wireless-kmp-xen	2020-12-01
oval:org.opensuse.security:def:54459	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28400	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:27622	P	Security update for icu	2020-12-01
oval:org.opensuse.security:def:27916	P	Security update for xorg-x11-libX11	2020-12-01
oval:org.opensuse.security:def:55567	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:27965	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:27401	P	flac-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:57236	P	Security update for libgcrypt	2020-12-01
oval:org.opensuse.security:def:54437	P	coreutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28356	P	Security update for poppler (Moderate)	2020-12-01
oval:org.opensuse.security:def:27877	P	Security update for Ruby	2020-12-01
oval:org.opensuse.security:def:27908	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:27273	P	procmail on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54436	P	coolkey on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28341	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27828	P	Security update for libxslt	2020-12-01
oval:org.opensuse.security:def:55116	P	gdm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27826	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:28647	P	Security update for compat-wireless, compat-wireless-debuginfo, compat-wireless-debugsource, compat-wireless-kmp-default, compat-wireless-kmp-pae, compat-wireless-kmp-trace, compat-wireless-kmp-xen	2020-12-01
oval:org.opensuse.security:def:27209	P	libproxy0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28302	P	Security update for libtasn1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27775	P	Security update for kdebase4-workspace (Moderate)	2020-12-01
oval:org.opensuse.security:def:55010	P	sblim-sfcb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27698	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:28612	P	Security update for Xen	2020-12-01
oval:org.mitre.oval:def:26959	P	ELSA-2014-1023 -- kernel security and bug fix update (important)	2014-12-15
oval:org.mitre.oval:def:27184	P	ELSA-2014-0981 -- kernel security, bug fix, and enhancement update (important)	2014-12-15
oval:org.mitre.oval:def:26215	P	RHSA-2014:1023: kernel security and bug fix update (Important)	2014-10-13
oval:org.mitre.oval:def:25729	P	RHSA-2014:0981: kernel security, bug fix, and enhancement update (Important)	2014-09-15
oval:org.mitre.oval:def:26325	P	SUSE-SU-2014:0833-1 -- Security update for compat-wireless, compat-wireless-debuginfo, compat-wireless-debugsource, compat-wireless-kmp-default, compat-wireless-kmp-pae, compat-wireless-kmp-trace, compat-wireless-kmp-xen	2014-09-15
oval:com.redhat.rhsa:def:20141023	P	RHSA-2014:1023: kernel security and bug fix update (Important)	2014-08-06
oval:com.redhat.rhsa:def:20140981	P	RHSA-2014:0981: kernel security, bug fix, and enhancement update (Important)	2014-07-29
oval:org.mitre.oval:def:24748	P	USN-2221-1 -- linux vulnerabilities	2014-07-21
oval:org.mitre.oval:def:24761	P	USN-2224-1 -- linux-lts-raring vulnerabilities	2014-07-21
oval:org.mitre.oval:def:24338	P	USN-2227-1 -- linux-ti-omap4 vulnerabilities	2014-07-21
oval:org.mitre.oval:def:24853	P	USN-2223-1 -- linux-lts-quantal vulnerabilities	2014-07-21
oval:org.mitre.oval:def:24732	P	USN-2225-1 -- linux-lts-saucy vulnerabilities	2014-07-21
oval:org.mitre.oval:def:24889	P	USN-2228-1 -- linux vulnerabilities	2014-07-21
oval:org.opensuse.security:def:79944	P	Security update for compat-wireless, compat-wireless-debuginfo, compat-wireless-debugsource, compat-wireless-kmp-default, compat-wireless-kmp-pae, compat-wireless-kmp-trace, compat-wireless-kmp-xen	2014-06-18
oval:com.ubuntu.xenial:def:20142672000	V	CVE-2014-2672 on Ubuntu 16.04 LTS (xenial) - medium.	2014-04-01
oval:com.ubuntu.precise:def:20142672000	V	CVE-2014-2672 on Ubuntu 12.04 LTS (precise) - medium.	2014-04-01
oval:com.ubuntu.xenial:def:201426720000000	V	CVE-2014-2672 on Ubuntu 16.04 LTS (xenial) - medium.	2014-04-01
oval:com.ubuntu.trusty:def:20142672000	V	CVE-2014-2672 on Ubuntu 14.04 LTS (trusty) - medium.	2014-04-01

BACK