CVE-2014-2706

HIGH

Description

Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c.

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1d147bfa64293b2723c4fec50922168658e613ba

http://linux.oracle.com/errata/ELSA-2014-3052.html

http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html

http://secunia.com/advisories/60613

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.7

http://www.openwall.com/lists/oss-security/2014/04/01/8

http://www.securityfocus.com/bid/66591

http://www.securitytracker.com/id/1038201

https://bugzilla.kernel.org/show_bug.cgi?id=70551#c18

https://bugzilla.redhat.com/show_bug.cgi?id=1083512

https://github.com/torvalds/linux/commit/1d147bfa64293b2723c4fec50922168658e613ba

https://source.android.com/security/bulletin/2017-04-01

Details

Source: MITRE

Published: 2014-04-14

Updated: 2020-08-19

Type: CWE-362

Risk Information

CVSS v2.0

Base Score: 7.1

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 8.6

Severity: HIGH

Vulnerable Software

Tenable Plugins

View all (21 total)

ID	Name	Product	Family	Severity
125101	EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1513)	Nessus	Huawei Local Security Checks	critical
124803	EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1479)	Nessus	Huawei Local Security Checks	critical
83633	SUSE SLES11 Security Update : kernel (SUSE-SU-2014:1105-1)	Nessus	SuSE Local Security Checks	high
81800	Oracle Linux 7 : kernel (ELSA-2015-0290)	Nessus	Oracle Linux Local Security Checks	high
79043	RHEL 6 : kernel (RHSA-2014:1101)	Nessus	Red Hat Local Security Checks	high
78651	SuSE 11.3 Security Update : Linux kernel (SAT Patch Number 9750)	Nessus	SuSE Local Security Checks	high
78650	SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 9746 / 9749 / 9751)	Nessus	SuSE Local Security Checks	high
77046	RHEL 7 : kernel (RHSA-2014:1023)	Nessus	Red Hat Local Security Checks	high
77045	Oracle Linux 7 : kernel (ELSA-2014-1023)	Nessus	Oracle Linux Local Security Checks	high
77034	CentOS 7 : kernel (CESA-2014:1023)	Nessus	CentOS Local Security Checks	high
76948	CentOS 6 : kernel (CESA-2014:0981)	Nessus	CentOS Local Security Checks	high
76926	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2014-3052)	Nessus	Oracle Linux Local Security Checks	high
76908	RHEL 6 : kernel (RHSA-2014:0981)	Nessus	Red Hat Local Security Checks	high
76888	Oracle Linux 6 : kernel (ELSA-2014-0981)	Nessus	Oracle Linux Local Security Checks	high
76677	RHEL 6 : MRG (RHSA-2014:0557)	Nessus	Red Hat Local Security Checks	high
74513	Mandriva Linux Security Advisory : kernel (MDVSA-2014:124)	Nessus	Mandriva Local Security Checks	critical
74215	Ubuntu 13.10 : linux vulnerabilities (USN-2228-1)	Nessus	Ubuntu Local Security Checks	critical
74213	Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2225-1)	Nessus	Ubuntu Local Security Checks	critical
74212	Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2224-1)	Nessus	Ubuntu Local Security Checks	critical
74211	Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2223-1)	Nessus	Ubuntu Local Security Checks	critical
74184	Ubuntu 12.04 LTS : linux vulnerabilities (USN-2221-1)	Nessus	Ubuntu Local Security Checks	critical