1. Home
  2. Vulnerabilities
  3. CVE-2014-3182

CVE-2014-3182

CVSS v2.0 6.9 (Medium)
69% Progress
EPSS 0.07 % (32th)
0.07% Progress
Affected Products 1
Advisories 7
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device that provides a malformed REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value.

Weaknesses
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE Status
PUBLISHED
CNA
Chrome
Published Date
2014-09-28 10:55:10
(10 years ago)
Updated Date
2023-12-29 15:41:33
(8 months ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel prior 3.2.63 version cpe:2.3:o:linux:linux_kernel < 3.2.63
  Linux Kernel from 3.3 version and prior 3.4.104 version cpe:2.3:o:linux:linux_kernel >= 3.3 < 3.4.104
  Linux Kernel from 3.5 version and prior 3.10.54 version cpe:2.3:o:linux:linux_kernel >= 3.5 < 3.10.54
  Linux Kernel from 3.11 version and prior 3.12.28 version cpe:2.3:o:linux:linux_kernel >= 3.11 < 3.12.28
  Linux Kernel from 3.13 version and prior 3.14.18 version cpe:2.3:o:linux:linux_kernel >= 3.13 < 3.14.18
  Linux Kernel from 3.15 version and prior 3.16.2 version cpe:2.3:o:linux:linux_kernel >= 3.15 < 3.16.2