1. Home
  2. Vulnerabilities
  3. CVE-2014-3185

CVE-2014-3185

CVSS v2.0 6.9 (Medium)
69% Progress
EPSS 0.14 % (51th)
0.14% Progress
Affected Products 1
Advisories 19
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response.

Weaknesses
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE Status
PUBLISHED
CNA
Chrome
Published Date
2014-09-28 10:55:10
(10 years ago)
Updated Date
2024-03-14 19:58:39
(6 months ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel prior 3.2.63 version cpe:2.3:o:linux:linux_kernel < 3.2.63
  Linux Kernel from 3.3 version and prior 3.4.104 version cpe:2.3:o:linux:linux_kernel >= 3.3 < 3.4.104
  Linux Kernel from 3.5 version and prior 3.10.54 version cpe:2.3:o:linux:linux_kernel >= 3.5 < 3.10.54
  Linux Kernel from 3.11 version and prior 3.12.29 version cpe:2.3:o:linux:linux_kernel >= 3.11 < 3.12.29
  Linux Kernel from 3.13 version and prior 3.14.18 version cpe:2.3:o:linux:linux_kernel >= 3.13 < 3.14.18
  Linux Kernel from 3.15 version and prior 3.16.2 version cpe:2.3:o:linux:linux_kernel >= 3.15 < 3.16.2