4.7
CVSSv2

CVE-2014-3184

Published: 28/09/2014 Updated: 24/12/2016
CVSS v2 Base Score: 4.7 | Impact Score: 6.9 | Exploitability Score: 3.4
VMScore: 419
Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Summary

The report_fixup functions in the HID subsystem in the Linux kernel prior to 3.16.2 might allow physically proximate malicious users to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c.

Affected Products

Vendor Product Versions
LinuxLinux Kernel3.16.0, 3.16.1

Vendor Advisories

Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Multiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled HID reports with an invalid report descriptor size An attacker with physical acce ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...