PT-2014-5123 · Linux+1 · Linux Kernel+1

Ben Hawkes · Published 2014-09-09 · Updated 2023-12-29 · CVE-2014-3183

CVSS v2.0: 6.9 (Medium)

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 3.16.2

Description

The issue is a heap-based buffer overflow in the logi_dj_ll_raw_request function, located in the drivers/hid/hid-logitech-dj.c file of the Linux kernel. The overflow can be triggered by a crafted device that specifies a large report size for an LED report, allowing physically proximate attackers to cause a denial of service, such as a system crash, or possibly execute arbitrary code.

Recommendations

For Linux kernel versions prior to 3.16.2, update to version 3.16.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the logi_dj_ll_raw_request function until a patch is available.

Exploit

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

ALT-PU-2014-2106
ALT-PU-2015-1794
CVE-2014-3183

Affected Products

Alt Linux
Linux Kernel