6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
6.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
50.5%
Ben Hawkes reported some off by one errors for report descriptors in the
Linux kernel’s HID stack. A physically proximate attacker could exploit
these flaws to cause a denial of service (out-of-bounds write) via a
specially crafted device. (CVE-2014-3184)
Several bounds check flaws allowing for buffer overflows were discovered in
the Linux kernel’s Whiteheat USB serial driver. A physically proximate
attacker could exploit these flaws to cause a denial of service (system
crash) via a specially crafted device. (CVE-2014-3185)
A flaw was discovered in the Linux kernel’s UDF filesystem (used on some
CD-ROMs and DVDs) when processing indirect ICBs. An attacker who can cause
CD, DVD or image file with a specially crafted inode to be mounted can
cause a denial of service (infinite loop or stack consumption).
(CVE-2014-6410)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 10.04 | noarch | linux-image-2.6.32-371-ec2 | < 2.6.32-371.87 | UNKNOWN |
Ubuntu | 10.04 | noarch | linux-headers-2.6.32-371-ec2 | < 2.6.32-371.87 | UNKNOWN |