CVE-2014-2851

Published: Apr 14, 2014Modified: May 6, 2026

6.9

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 3.4 / Impact: 10.0

Source: NVD

Description

Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter.

Affected (7)

Products: Linux: Linux Kernel · Debian: Debian Linux

1 product

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 3.0 to 3.2.60
Linux Linux Kernel	From 3.11 to 3.12.19
Linux Linux Kernel	From 3.13 to 3.14.5
Linux Linux Kernel	From 3.3 to 3.4.92
Linux Linux Kernel	From 3.5 to 3.10.41
Linux Linux Kernel	Version 3.0 rc1

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 7.0

Related CWEs

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (18)

http://secunia.com/advisories/59386

Source: cve@mitre.org

Broken Link

http://secunia.com/advisories/59599

Source: cve@mitre.org

Broken Link

http://www.debian.org/security/2014/dsa-2926

Source: cve@mitre.org

Third Party Advisory

http://www.openwall.com/lists/oss-security/2014/04/11/4

Source: cve@mitre.org

Mailing ListPatchThird Party Advisory

http://www.securityfocus.com/bid/66779

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1030769

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1086730

Source: cve@mitre.org

Issue TrackingPatchThird Party Advisory

https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=b04c46190219a4f845e46a459e3102137b7f6cac

Source: cve@mitre.org

ExploitPatchVendor Advisory

https://lkml.org/lkml/2014/4/10/736

Source: cve@mitre.org

Mailing ListPatchVendor Advisory

http://secunia.com/advisories/59386

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://secunia.com/advisories/59599

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.debian.org/security/2014/dsa-2926

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.openwall.com/lists/oss-security/2014/04/11/4

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchThird Party Advisory

http://www.securityfocus.com/bid/66779

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1030769

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1086730

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=b04c46190219a4f845e46a459e3102137b7f6cac

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

https://lkml.org/lkml/2014/4/10/736

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchVendor Advisory

Timeline

No history available yet.