CVE-2014-2706

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c.

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1d147bfa64293b2723c4fec50922168658e613ba

http://linux.oracle.com/errata/ELSA-2014-3052.html

http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html

http://secunia.com/advisories/60613

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.7

http://www.openwall.com/lists/oss-security/2014/04/01/8

http://www.securityfocus.com/bid/66591

http://www.securitytracker.com/id/1038201

https://bugzilla.kernel.org/show_bug.cgi?id=70551#c18

https://bugzilla.redhat.com/show_bug.cgi?id=1083512

https://github.com/torvalds/linux/commit/1d147bfa64293b2723c4fec50922168658e613ba

https://source.android.com/security/bulletin/2017-04-01

Details

Source: MITRE

Published: 2014-04-14

Updated: 2020-08-19

Type: CWE-362

Risk Information

CVSS v2

Base Score: 7.1

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (21 total)

IDNameProductFamilySeverity
125101EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1513)NessusHuawei Local Security Checks
critical
124803EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1479)NessusHuawei Local Security Checks
critical
83633SUSE SLES11 Security Update : kernel (SUSE-SU-2014:1105-1)NessusSuSE Local Security Checks
high
81800Oracle Linux 7 : kernel (ELSA-2015-0290)NessusOracle Linux Local Security Checks
high
79043RHEL 6 : kernel (RHSA-2014:1101)NessusRed Hat Local Security Checks
high
78651SuSE 11.3 Security Update : Linux kernel (SAT Patch Number 9750)NessusSuSE Local Security Checks
high
78650SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 9746 / 9749 / 9751)NessusSuSE Local Security Checks
high
77046RHEL 7 : kernel (RHSA-2014:1023)NessusRed Hat Local Security Checks
high
77045Oracle Linux 7 : kernel (ELSA-2014-1023)NessusOracle Linux Local Security Checks
high
77034CentOS 7 : kernel (CESA-2014:1023)NessusCentOS Local Security Checks
high
76948CentOS 6 : kernel (CESA-2014:0981)NessusCentOS Local Security Checks
high
76926Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2014-3052)NessusOracle Linux Local Security Checks
high
76908RHEL 6 : kernel (RHSA-2014:0981)NessusRed Hat Local Security Checks
high
76888Oracle Linux 6 : kernel (ELSA-2014-0981)NessusOracle Linux Local Security Checks
high
76677RHEL 6 : MRG (RHSA-2014:0557)NessusRed Hat Local Security Checks
high
74513Mandriva Linux Security Advisory : kernel (MDVSA-2014:124)NessusMandriva Local Security Checks
critical
74215Ubuntu 13.10 : linux vulnerabilities (USN-2228-1)NessusUbuntu Local Security Checks
critical
74213Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2225-1)NessusUbuntu Local Security Checks
critical
74212Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2224-1)NessusUbuntu Local Security Checks
critical
74211Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2223-1)NessusUbuntu Local Security Checks
critical
74184Ubuntu 12.04 LTS : linux vulnerabilities (USN-2221-1)NessusUbuntu Local Security Checks
critical