Vulnerability Name:

CVE-2014-3182 (CCN-95928)

Assigned:2014-08-21
Published:2014-08-21
Updated:2015-10-08
Summary:Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device that provides a malformed REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value.
CVSS v3 Severity:9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
5.1 Medium (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.2 Medium (REDHAT CVSS v2 Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C)
4.6 Medium (REDHAT Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2014-3182

Source: CONFIRM
Type: Patch
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ad3e14d7c5268c2e24477c6ef54bbdf88add5d36

Source: CCN
Type: Linux Kernel GIT Repository
perform bounds checking on device_id early enough

Source: CCN
Type: RHSA-2014-1318
Moderate: Red Hat Enterprise MRG Realtime 2.5 security and enhancement update

Source: REDHAT
Type: UNKNOWN
RHSA-2014:1318

Source: CCN
Type: RHSA-2014-1971
Important: kernel security and bug fix update

Source: CCN
Type: oss-security Mailing List, Thu, 11 Sep 2014 13:32:27 -0700
Multiple Linux USB driver CVE assignment

Source: CCN
Type: oss-security Mailing List, Thu, 11 Sep 2014 14:26:12 -0700
Re: Multiple Linux USB driver CVE assignment

Source: CCN
Type: IBM Security Bulletin 1021943
PowerKVM Kernel Vulnerabilities - Multiple CVEs

Source: CONFIRM
Type: Vendor Advisory
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.2

Source: MLIST
Type: UNKNOWN
[oss-security] 20140911 Multiple Linux USB driver CVE assignment

Source: BID
Type: UNKNOWN
69770

Source: CCN
Type: BID-69770
Linux Kernel CVE-2014-3182 'hid-logitech-dj.c' Buffer Overflow Vulnerability

Source: CONFIRM
Type: Patch
https://bugzilla.redhat.com/show_bug.cgi?id=1141210

Source: MISC
Type: UNKNOWN
https://code.google.com/p/google-security-research/issues/detail?id=89

Source: XF
Type: UNKNOWN
linux-kernel-cve20143182-bo(95928)

Source: CONFIRM
Type: UNKNOWN
https://github.com/torvalds/linux/commit/ad3e14d7c5268c2e24477c6ef54bbdf88add5d36

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-3182

Vulnerable Configuration:Configuration 1:
  • cpe:/o:linux:linux_kernel:3.16.0:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:* (Version <= 3.16.1)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:linux:linux_kernel:3.16.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux_hpc_node:7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:powerkvm:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_workstation:7:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20143182
    V
    		CVE-2014-3182
    2022-05-20
    oval:org.mitre.oval:def:28305
    P
    		ELSA-2014-3103 -- Unbreakable Enterprise kernel security update (important)
    2015-03-16
    oval:org.mitre.oval:def:28399
    P
    		RHSA-2014:1971 -- kernel security and bug fix update (Important)
    2015-02-23
    oval:org.mitre.oval:def:28418
    P
    		ELSA-2014-1971 -- kernel security and bug fix update (important)
    2015-02-23
    oval:com.redhat.rhsa:def:20141971
    P
    		RHSA-2014:1971: kernel security and bug fix update (Important)
    2014-12-09
    oval:com.ubuntu.xenial:def:201431820000000
    V
    		CVE-2014-3182 on Ubuntu 16.04 LTS (xenial) - medium.
    2014-09-28
    oval:com.ubuntu.precise:def:20143182000
    V
    		CVE-2014-3182 on Ubuntu 12.04 LTS (precise) - medium.
    2014-09-28
    oval:com.ubuntu.trusty:def:20143182000
    V
    		CVE-2014-3182 on Ubuntu 14.04 LTS (trusty) - medium.
    2014-09-28
    oval:com.ubuntu.xenial:def:20143182000
    V
    		CVE-2014-3182 on Ubuntu 16.04 LTS (xenial) - medium.
    2014-09-28
    BACK
    linux linux kernel 3.16.0
    linux linux kernel *
    linux linux kernel 3.16.0
    redhat enterprise linux hpc node 7
    ibm powerkvm 2.1
    redhat enterprise linux desktop 7
    redhat enterprise linux server 7
    redhat enterprise linux workstation 7