what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2014-3185

Status Candidate

Overview

Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response.

Related Files

Red Hat Security Advisory 2015-0284-03
Posted Mar 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0284-03 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2013-4483, CVE-2014-3185, CVE-2014-3611, CVE-2014-3645, CVE-2014-3646, CVE-2014-7841, CVE-2014-8160
SHA-256 | 3a23bafa7ff0984a430f6377352c08ac1cc9765d54947d73d20afde3035fbc0c
Red Hat Security Advisory 2014-1971-01
Posted Dec 9, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1971-01 - A flaw was found in the way the Linux kernel's SCTP implementation handled malformed or duplicate Address Configuration Change Chunks. A remote attacker could use either of these flaws to crash the system. A flaw was found in the way the Linux kernel's SCTP implementation handled the association's output queue. A remote attacker could send specially crafted packets that would cause the system to use an excessive amount of memory, leading to a denial of service.

tags | advisory, remote, denial of service, kernel
systems | linux, redhat
advisories | CVE-2013-2929, CVE-2014-1739, CVE-2014-3181, CVE-2014-3182, CVE-2014-3184, CVE-2014-3185, CVE-2014-3186, CVE-2014-3631, CVE-2014-3673, CVE-2014-3687, CVE-2014-3688, CVE-2014-4027, CVE-2014-4652, CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, CVE-2014-5045, CVE-2014-6410
SHA-256 | 259b2a7a6414f480013fd35c56afb4dd38c3314536fa54e70f0ac1b44239b896
Red Hat Security Advisory 2014-1843-01
Posted Nov 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1843-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2014-3185, CVE-2014-3611, CVE-2014-3645, CVE-2014-3646
SHA-256 | e154ef355ac868abf46aa21980f64c2c9b4a1563aa31365c7ba822f982de7f79
Mandriva Linux Security Advisory 2014-201
Posted Oct 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-201 - Multiple vulnerabilities has been found and corrected in the Linux kernel. These include stack-based buffer overflows and denial of service issues.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2014-3122, CVE-2014-3181, CVE-2014-3182, CVE-2014-3184, CVE-2014-3185, CVE-2014-3186, CVE-2014-3534, CVE-2014-3601, CVE-2014-5077, CVE-2014-5206, CVE-2014-5471, CVE-2014-5472, CVE-2014-6410, CVE-2014-7975
SHA-256 | 18d0010448f4aacc19c217e3371db5d34c01d05bb3fb2bb9179b1b838891d685
Ubuntu Security Notice USN-2379-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2379-1 - Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2014-3181, CVE-2014-3184, CVE-2014-3185, CVE-2014-3186, CVE-2014-3631, CVE-2014-6410, CVE-2014-6416, CVE-2014-6417, CVE-2014-6418
SHA-256 | 216aab1ac8b1c5f5fa320e1812013bd6082c5c0d0b1cd7b24acb25ab21d04946
Ubuntu Security Notice USN-2374-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2374-1 - Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. Several bounds check flaws allowing for buffer overflows were discovered in the Linux kernel's Whiteheat USB serial driver. A physically proximate attacker could exploit these flaws to cause a denial of service (system crash) via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel
systems | linux, ubuntu
advisories | CVE-2014-3184, CVE-2014-3185, CVE-2014-6410
SHA-256 | b94aa93b2ae3e2e8fc27f5841674c392e667c20efe20794d379c3cfa227778ce
Ubuntu Security Notice USN-2378-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2378-1 - Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2014-3181, CVE-2014-3184, CVE-2014-3185, CVE-2014-3186, CVE-2014-3631, CVE-2014-6410, CVE-2014-6416, CVE-2014-6417, CVE-2014-6418
SHA-256 | aa7d6fa2cad88994360eaa91e59cb61f822dbcc59854491f5ca6070c59e4a697
Ubuntu Security Notice USN-2376-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2376-1 - Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2014-3181, CVE-2014-3184, CVE-2014-3185, CVE-2014-3186, CVE-2014-6410, CVE-2014-6416, CVE-2014-6417, CVE-2014-6418
SHA-256 | 0a99c5b40b9b6cf4d980a29d1585a7123af10c24bc7015c03dc905ed17b98aa5
Ubuntu Security Notice USN-2377-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2377-1 - Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2014-3181, CVE-2014-3184, CVE-2014-3185, CVE-2014-3186, CVE-2014-6410, CVE-2014-6416, CVE-2014-6417, CVE-2014-6418
SHA-256 | b8c00e38fee18f4d2a51a08857286215903aaa48f01fac035ec8955398d238e5
Ubuntu Security Notice USN-2375-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2375-1 - Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. Several bounds check flaws allowing for buffer overflows were discovered in the Linux kernel's Whiteheat USB serial driver. A physically proximate attacker could exploit these flaws to cause a denial of service (system crash) via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel
systems | linux, ubuntu
advisories | CVE-2014-3184, CVE-2014-3185, CVE-2014-6410
SHA-256 | bc61c6f9bfec79913e6f4cad4cd9134e734cc0d26076a88d9299b05ea0fd9992
Red Hat Security Advisory 2014-1318-01
Posted Sep 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1318-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. MRG Realtime provides the highest levels of predictability for consistent low-latency response times to meet the needs of time-sensitive workloads. MRG Realtime also provides new levels of determinism by optimizing lengthy kernel code paths to ensure that they do not become bottlenecks. This allows for better prioritization of applications, resulting in consistent, predictable response times for high-priority applications.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2014-3181, CVE-2014-3182, CVE-2014-3184, CVE-2014-3185, CVE-2014-4171, CVE-2014-5471, CVE-2014-5472, CVE-2014-6410
SHA-256 | 0a77ae165e92c2af80d046f9c03d5956b16c1925f2c276662095049b6e85164d
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close