Published: 03/07/2014 Updated: 07/11/2023

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 410

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel prior to 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
suse linux enterprise server 10
canonical ubuntu linux 12.04
redhat enterprise linux server aus 6.6
redhat enterprise linux desktop 6.0
redhat enterprise linux server 6.0
redhat enterprise linux workstation 6.0
redhat enterprise linux eus 6.6
redhat enterprise linux server tus 6.6

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix two security issues and several bugs arenow available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having Important securityimpact Com ...

Debian Bug report logs - #751417 linux-image-320-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ) on MIPS (CVE-2014-4157) Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Reported by: Plamen Alexandrov <plamen@aomedacom> Date: Thu, 12 Jun 2014 16:21:01 ...

Several security issues were fixed in the kernel ...

An integer overflow flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls A local, privileged user could use this flaw to crash the system ...

CWE-190 https://github.com/torvalds/linux/commit/883a1d49f0d77d30012f114b2e19fc141beb3e8e http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2 https://github.com/torvalds/linux/commit/ac902c112d90a89e59916f751c2745f4dbdbb4bd http://www.openwall.com/lists/oss-security/2014/06/26/6 https://bugzilla.redhat.com/show_bug.cgi?id=1113470 http://secunia.com/advisories/59434 http://secunia.com/advisories/59777 http://secunia.com/advisories/60564 http://rhn.redhat.com/errata/RHSA-2014-1083.html http://www.ubuntu.com/usn/USN-2334-1 http://www.ubuntu.com/usn/USN-2335-1 http://rhn.redhat.com/errata/RHSA-2015-0087.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://secunia.com/advisories/60545 https://source.android.com/security/bulletin/2017-04-01 http://www.securitytracker.com/id/1038201 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ac902c112d90a89e59916f751c2745f4dbdbb4bd http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=883a1d49f0d77d30012f114b2e19fc141beb3e8e https://access.redhat.com/errata/RHSA-2015:0087 https://nvd.nist.gov https://usn.ubuntu.com/2335-1/https://access.redhat.com/security/cve/cve-2014-4656

CVE-2014-4656

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect