CVE-2014-2706HIGH
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c.
References
http://linux.oracle.com/errata/ELSA-2014-3052.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
http://secunia.com/advisories/60613
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.7
http://www.openwall.com/lists/oss-security/2014/04/01/8
http://www.securityfocus.com/bid/66591
http://www.securitytracker.com/id/1038201
https://bugzilla.kernel.org/show_bug.cgi?id=70551#c18
https://bugzilla.redhat.com/show_bug.cgi?id=1083512
https://github.com/torvalds/linux/commit/1d147bfa64293b2723c4fec50922168658e613ba
Vulnerable Software
Configuration 1
OR
Configuration 2
OR
Configuration 3
OR
cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:-:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 125101 | EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1513) | Nessus | Huawei Local Security Checks | critical |
| 124803 | EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1479) | Nessus | Huawei Local Security Checks | critical |
| 83633 | SUSE SLES11 Security Update : kernel (SUSE-SU-2014:1105-1) | Nessus | SuSE Local Security Checks | high |
| 81800 | Oracle Linux 7 : kernel (ELSA-2015-0290) | Nessus | Oracle Linux Local Security Checks | high |
| 79043 | RHEL 6 : kernel (RHSA-2014:1101) | Nessus | Red Hat Local Security Checks | high |
| 78651 | SuSE 11.3 Security Update : Linux kernel (SAT Patch Number 9750) | Nessus | SuSE Local Security Checks | high |
| 78650 | SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 9746 / 9749 / 9751) | Nessus | SuSE Local Security Checks | high |
| 77046 | RHEL 7 : kernel (RHSA-2014:1023) | Nessus | Red Hat Local Security Checks | high |
| 77045 | Oracle Linux 7 : kernel (ELSA-2014-1023) | Nessus | Oracle Linux Local Security Checks | high |
| 77034 | CentOS 7 : kernel (CESA-2014:1023) | Nessus | CentOS Local Security Checks | high |
| 76948 | CentOS 6 : kernel (CESA-2014:0981) | Nessus | CentOS Local Security Checks | high |
| 76926 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2014-3052) | Nessus | Oracle Linux Local Security Checks | high |
| 76908 | RHEL 6 : kernel (RHSA-2014:0981) | Nessus | Red Hat Local Security Checks | high |
| 76888 | Oracle Linux 6 : kernel (ELSA-2014-0981) | Nessus | Oracle Linux Local Security Checks | high |
| 76677 | RHEL 6 : MRG (RHSA-2014:0557) | Nessus | Red Hat Local Security Checks | high |
| 74513 | Mandriva Linux Security Advisory : kernel (MDVSA-2014:124) | Nessus | Mandriva Local Security Checks | critical |
| 74215 | Ubuntu 13.10 : linux vulnerabilities (USN-2228-1) | Nessus | Ubuntu Local Security Checks | critical |
| 74213 | Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2225-1) | Nessus | Ubuntu Local Security Checks | critical |
| 74212 | Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2224-1) | Nessus | Ubuntu Local Security Checks | critical |
| 74211 | Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2223-1) | Nessus | Ubuntu Local Security Checks | critical |
| 74184 | Ubuntu 12.04 LTS : linux vulnerabilities (USN-2221-1) | Nessus | Ubuntu Local Security Checks | critical |