CVE-2014-2739

The cma_req_handler function in drivers/infiniband/core/cma.c in the Linux kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over Converged Ethernet (aka RoCE) address that is properly resolved within a different module, which allows remote attackers to cause a denial of service (incorrect pointer dereference and system crash) via crafted network traffic.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:A/AC:H/Au:N/C:N/I:N/A:C

Exploitability : 3.2 / Impact : 6.9

Access Vector ADJACENT_NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b2853fd6c2d0f383dbdf7427e263eb576a633867
http://www.openwall.com/lists/oss-security/2014/04/10/9	Patch
http://www.securityfocus.com/bid/66716
https://bugzilla.redhat.com/show_bug.cgi?id=1085415
https://github.com/torvalds/linux/commit/b2853fd6c2d0f383dbdf7427e263eb576a633867	Exploit

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel:3.14:rc1::::::
	cpe:2.3:o:linux:linux_kernel:3.14:rc2::::::
	cpe:2.3:o:linux:linux_kernel:3.14:rc3::::::
	cpe:2.3:o:linux:linux_kernel:3.14:rc4::::::
	cpe:2.3:o:linux:linux_kernel:3.14:rc5::::::
	cpe:2.3:o:linux:linux_kernel:3.14:rc6::::::
	cpe:2.3:o:linux:linux_kernel:3.14:rc7::::::
	cpe:2.3:o:linux:linux_kernel:3.14:rc8::::::
	cpe:2.3:o:linux:linux_kernel:3.14.1:::::::*

History

No history.

Information

Published : 2014-04-14 23:55

Updated : 2024-02-04 18:35

NVD link : CVE-2014-2739

Mitre link : CVE-2014-2739

CVE.ORG link : CVE-2014-2739

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2014-2739", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.2, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-04-14T23:55:07.747", "references": [{"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b2853fd6c2d0f383dbdf7427e263eb576a633867", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2014/04/10/9", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/66716", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1085415", "source": "secalert@redhat.com"}, {"url": "https://github.com/torvalds/linux/commit/b2853fd6c2d0f383dbdf7427e263eb576a633867", "tags": ["Exploit"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The cma_req_handler function in drivers/infiniband/core/cma.c in the Linux kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over Converged Ethernet (aka RoCE) address that is properly resolved within a different module, which allows remote attackers to cause a denial of service (incorrect pointer dereference and system crash) via crafted network traffic."}, {"lang": "es", "value": "La funci\u00f3n cma_req_handler en drivers/infiniband/core/cma.c en el kernel de Linux 3.14.x hasta 3.14.1 intenta resolver un RDMA sobre una direcci\u00f3n Converged Ethernet (tambi\u00e9n conocido como RoCE) que se resuelve debidamente dentro de un m\u00f3dulo diferente, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (referencia a puntero incorrecto y ca\u00edda de sistema) a trav\u00e9s de trafico de red manipulado."}], "lastModified": "2023-02-13T00:38:40.473", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:3.14:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1817B5C-356A-44FD-A645-AF224A59F6ED"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.14:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B528018-4A7E-4E59-A7CA-91D2A9536831"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.14:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1795E18E-AE30-4230-809F-E40317FB96BD"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.14:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F91AF02-7C23-4888-A580-07C166BE8128"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.14:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61A7DB5C-EB54-4D4A-AB38-8060F13C8779"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.14:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FF2C86B-7087-4EFC-A256-3AF313C25325"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.14:rc7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14AC6A73-D01C-44F4-9821-BAE9600E72D5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.14:rc8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "055557BE-1FE9-45F5-8A95-F8D3C9B031E4"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "742641DA-1CAE-4156-95F3-367793713696"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}