PT-2014-5809 · Linux+1 · Linux Kernel+1

Publicado

2014-12-24

Atualizado

2025-09-29

CVE-2014-4322

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions 3.x

Description The issue concerns a lack of validation for certain offset, length, and base values within an ioctl call in the QSEECOM driver. This allows attackers to potentially gain privileges or cause a denial of service due to memory corruption by using a crafted application.

Recommendations For Linux kernel version 3.x, update to a version that includes the fix for the QSEECOM driver issue to prevent potential privilege escalation or denial of service attacks.

Exploit

Correção

DoS

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2015-1018

ALT-PU-2015-1794

CVE-2014-4322

Produtos afetados

Alt Linux

Linux Kernel

PT-2014-5809 · Linux+1 · Linux Kernel+1

CVE-2014-4322

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8