PT-2013-6338 · Suse+5 · Opensuse+7

Published

1970-01-01

·

Updated

2020-08-14

·

CVE-2014-4655

CVSS v2.0

9.3

High

VectorAV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions openSUSE (affected versions not specified) SUSE Linux Enterprise (affected versions not specified)
Description The issue affects multiple packages in the openSUSE and SUSE Linux Enterprise operating systems, allowing for remote exploitation. This can lead to a violation of confidentiality, integrity, and availability of protected information. The snd ctl elem add function in the ALSA control implementation is also mentioned as being vulnerable to an integer overflow and limit bypass, which can be exploited locally.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Integer Overflow

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-362

Related Identifiers

ALT-PU-2014-1825
ALT-PU-2014-1845
ALT-PU-2014-1846
ALT-PU-2014-1847
ALT-PU-2015-1794
BDU:2015-04307
BDU:2015-04308
BDU:2015-04309
BDU:2015-04310
BDU:2015-05685
BDU:2015-05686
BDU:2015-05687
BDU:2015-05688
BDU:2015-05689
BDU:2015-05690
BDU:2015-05691
BDU:2015-05692
BDU:2015-05693
BDU:2015-05694
BDU:2015-05695
BDU:2015-05696
BDU:2015-05697
BDU:2015-05698
BDU:2015-05699
BDU:2015-05700
BDU:2015-05701
BDU:2015-05702
BDU:2015-05703
BDU:2015-05704
BDU:2015-05705
BDU:2015-05706
BDU:2015-05707
BDU:2015-05708
BDU:2015-05709
BDU:2015-05710
BDU:2015-05711
BDU:2015-05712
BDU:2015-05713
BDU:2015-05714
BDU:2015-05715
BDU:2015-05716
BDU:2015-05717
BDU:2015-05718
BDU:2015-05719
BDU:2015-05720
BDU:2015-05721
BDU:2015-05722
BDU:2015-05723
BDU:2015-05724
BDU:2015-05725
BDU:2015-05726
BDU:2015-05727
BDU:2015-05728
BDU:2015-05729
BDU:2015-05730
BDU:2015-05731
BDU:2015-05732
BDU:2015-05733
BDU:2015-05734
BDU:2015-05735
BDU:2015-05736
BDU:2015-05737
BDU:2015-05738
BDU:2015-05739
BDU:2015-05740
BDU:2015-05741
BDU:2015-05742
BDU:2015-05743
BDU:2015-05744
BDU:2015-05745
BDU:2015-05746
BDU:2015-05747
BDU:2015-05748
BDU:2015-05749
BDU:2015-05750
BDU:2015-05751
BDU:2015-05752
BDU:2015-05753
BDU:2015-05754
BDU:2015-05755
BDU:2015-05756
BDU:2015-05757
BDU:2015-05758
BDU:2015-05759
BDU:2015-05760
BDU:2015-05761
BDU:2015-05762
BDU:2015-05763
BDU:2015-05764
BDU:2015-05765
BDU:2015-05766
BDU:2015-05767
BDU:2015-05768
BDU:2015-05769
BDU:2015-05770
BDU:2015-05771
BDU:2015-05772
BDU:2015-05773
BDU:2015-05774
BDU:2015-05775
BDU:2015-05776
BDU:2015-05777
BDU:2015-05778
BDU:2015-05779
BDU:2015-05780
BDU:2015-05781
BDU:2015-05782
BDU:2015-05783
BDU:2015-05784
BDU:2015-05785
BDU:2015-05786
BDU:2015-05787
BDU:2015-05788
BDU:2015-05789
BDU:2015-05790
BDU:2015-05791
BDU:2015-05792
BDU:2015-05793
BDU:2015-05794
BDU:2015-05795
BDU:2015-05796
BDU:2015-05797
BDU:2015-05798
BDU:2015-05799
BDU:2015-05800
BDU:2015-05801
BDU:2015-05802
BDU:2015-05803
BDU:2015-05804
BDU:2015-05805
BDU:2015-05806
BDU:2015-05807
BDU:2015-05808
BDU:2015-05809
BDU:2015-05810
BDU:2015-05811
BDU:2015-05812
BDU:2015-05813
BDU:2015-05814
BDU:2015-05815
BDU:2015-05816
BDU:2015-05817
BDU:2015-05818
BDU:2015-05819
BDU:2015-05820
BDU:2015-05821
BDU:2015-05822
BDU:2015-05823
BDU:2015-05824
BDU:2015-05825
BDU:2015-05826
BDU:2015-05827
BDU:2015-05828
BDU:2015-05829
BDU:2015-05830
BDU:2015-05831
BDU:2015-05832
BDU:2015-05833
BDU:2015-05834
BDU:2015-05835
BDU:2015-05836
BDU:2015-05837
BDU:2015-05838
BDU:2015-05839
BDU:2015-05840
BDU:2015-05841
BDU:2015-05842
BDU:2015-05843
CESA-2014_1392
CESA-2014_1971
CVE-2014-4655
DLA-103-1
OPENSUSE-SU-2014_0957-1
OPENSUSE-SU-2014_0985-1
RHSA-2014:1083
RHSA-2014:1392
RHSA-2014:1971
RHSA-2014_1392
RHSA-2014_1971
SUSE-RU-2015:0621-1
SUSE-SU-2015:0481-1
SUSE-SU-2015:0581-1
SUSE-SU-2015:0652-1
SUSE-SU-2015:0736-1
SUSE-SU-2015:1174-1
SUSE-SU-2015:1376-1
USN-2332-1
USN-2333-1
USN-2334-1
USN-2335-1
USN-2336-1
USN-2337-1

Affected Products

Alsa
Alt Linux
Centos
Red Hat
Suse Linux Enterprise
Suse
Ubuntu
Opensuse