CVE-2014-3145 in Kernel
摘要 (英语)
The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
预定
2014-05-02
披露
2014-05-11
状态
已确认
条目
VulDB provides additional information and datapoints for this CVE:
| 标识符 | 漏洞 | CWE | 可利用 | 对策 | CVE |
|---|---|---|---|---|---|
| 13192 | Linux Kernel Packet Filter filter.c 拒绝服务 | 189 | 概念验证 | 官方修复 | CVE-2014-3145 |