CVE-2014-3144

Severity

49%

Complexity

39%

Confidentiality

115%

The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced.

The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced.

CVSS 2.0 Base Score 4.9. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:C).

Overview

First reported 10 years ago

2014-05-11 21:55:00

Last updated 7 years ago

2017-12-29 02:29:00

Affected Software

Linux Kernel 3.0 release candidate 1

3.0

Linux Kernel 3.0 release candidate 2

3.0

Linux Kernel 3.0 release candidate 3

3.0

Linux Kernel 3.0 release candidate 4

3.0

Linux Kernel 3.0 release candidate 5

3.0

Linux Kernel 3.0 release candidate 6

3.0

Linux Kernel 3.0 release candidate 7

3.0

Linux Kernel 3.0.1

3.0.1

Linux Kernel 3.0.2

3.0.2

Linux Kernel 3.0.3

3.0.3

Linux Kernel 3.0.4

3.0.4

Linux Kernel 3.0.5

3.0.5

Linux Kernel 3.0.6

3.0.6

Linux Kernel 3.0.7

3.0.7

Linux Kernel 3.0.8

3.0.8

Linux Kernel 3.0.9

3.0.9

Linux Kernel 3.0.10

3.0.10

Linux Kernel 3.0.11

3.0.11

Linux Kernel 3.0.12

3.0.12

Linux Kernel 3.0.13

3.0.13

Linux Kernel 3.0.14

3.0.14

Linux Kernel 3.0.15

3.0.15

Linux Kernel 3.0.16

3.0.16

Linux Kernel 3.0.17

3.0.17

Linux Kernel 3.0.18

3.0.18

Linux Kernel 3.0.19

3.0.19

Linux Kernel 3.0.20

3.0.20

Linux Kernel 3.0.21

3.0.21

Linux Kernel 3.0.22

3.0.22

Linux Kernel 3.0.23

3.0.23

Linux Kernel 3.0.24

3.0.24

Linux Kernel 3.0.25

3.0.25

Linux Kernel 3.0.26

3.0.26

Linux Kernel 3.0.27

3.0.27

Linux Kernel 3.0.28

3.0.28

Linux Kernel 3.0.29

3.0.29

Linux Kernel 3.0.30

3.0.30

Linux Kernel 3.0.31

3.0.31

Linux Kernel 3.0.32

3.0.32

Linux Kernel 3.0.33

3.0.33

Linux Kernel 3.0.34

3.0.34

Linux Kernel 3.0.35

3.0.35

Linux Kernel 3.0.36

3.0.36

Linux Kernel 3.0.37

3.0.37

Linux Kernel 3.0.38

3.0.38

Linux Kernel 3.0.39

3.0.39

Linux Kernel 3.0.40

3.0.40

Linux Kernel 3.0.41

3.0.41

Linux Kernel 3.0.42

3.0.42

Linux Kernel 3.0.43

3.0.43

Linux Kernel 3.0.44

3.0.44

Linux Kernel 3.0.45

3.0.45

Linux Kernel 3.0.46

3.0.46

Linux Kernel 3.0.47

3.0.47

Linux Kernel 3.0.48

3.0.48

Linux Kernel 3.0.49

3.0.49

Linux Kernel 3.0.50

3.0.50

Linux Kernel 3.0.51

3.0.51

Linux Kernel 3.0.52

3.0.52

Linux Kernel 3.0.53

3.0.53

Linux Kernel 3.0.54

3.0.54

Linux Kernel 3.0.55

3.0.55

Linux Kernel 3.0.56

3.0.56

Linux Kernel 3.0.57

3.0.57

Linux Kernel 3.0.58

3.0.58

Linux Kernel 3.0.59

3.0.59

Linux Kernel 3.0.60

3.0.60

Linux Kernel 3.0.61

3.0.61

Linux Kernel 3.0.62

3.0.62

Linux Kernel 3.0.63

3.0.63

Linux Kernel 3.0.64

3.0.64

Linux Kernel 3.0.65

3.0.65

Linux Kernel 3.0.66

3.0.66

Linux Kernel 3.0.67

3.0.67

Linux Kernel 3.0.68

3.0.68

Linux Kernel 3.1

3.1

Linux Kernel 3.1 release candidate 1

3.1

Linux Kernel 3.1 release candidate 2

3.1

Linux Kernel 3.1 release candidate 3

3.1

Linux Kernel 3.1 release candidate 4

3.1

Linux Kernel 3.1.1

3.1.1

Linux Kernel 3.1.2

3.1.2

Linux Kernel 3.1.3

3.1.3

Linux Kernel 3.1.4

3.1.4

Linux Kernel 3.1.5

3.1.5

Linux Kernel 3.1.6

3.1.6

Linux Kernel 3.1.7

3.1.7

Linux Kernel 3.1.8

3.1.8

Linux Kernel 3.1.9

3.1.9

Linux Kernel 3.1.10

3.1.10

Linux Kernel 3.2

3.2

Linux Kernel 3.2 release candidate 2

3.2

Linux Kernel 3.2 release candidate 3

3.2

Linux Kernel 3.2 release candidate 4

3.2

Linux Kernel 3.2 release candidate 5

3.2

Linux Kernel 3.2 release candidate 6

3.2

Linux Kernel 3.2 release candidate 7

3.2

Linux Kernel 3.2.1

3.2.1

Linux Kernel 3.2.2

3.2.2

Linux Kernel 3.2.3

3.2.3

Linux Kernel 3.2.4

3.2.4

Linux Kernel 3.2.5

3.2.5

Linux Kernel 3.2.6

3.2.6

Linux Kernel 3.2.7

3.2.7

Linux Kernel 3.2.8

3.2.8

Linux Kernel 3.2.9

3.2.9

Linux Kernel 3.2.10

3.2.10

Linux Kernel 3.2.11

3.2.11

Linux Kernel 3.2.12

3.2.12

Linux Kernel 3.2.13

3.2.13

Linux Kernel 3.2.14

3.2.14

Linux Kernel 3.2.15

3.2.15

Linux Kernel 3.2.16

3.2.16

Linux Kernel 3.2.17

3.2.17

Linux Kernel 3.2.18

3.2.18

Linux Kernel 3.2.19

3.2.19

Linux Kernel 3.2.20

3.2.20

Linux Kernel 3.2.21

3.2.21

Linux Kernel 3.2.22

3.2.22

Linux Kernel 3.2.23

3.2.23

Linux Kernel 3.2.24

3.2.24

Linux Kernel 3.2.25

3.2.25

Linux Kernel 3.2.26

3.2.26

Linux Kernel 3.2.27

3.2.27

Linux Kernel 3.2.28

3.2.28

Linux Kernel 3.2.29

3.2.29

Linux Kernel 3.2.30

3.2.30

Linux Kernel 3.3

3.3

Linux Kernel 3.3 release candidate 1

3.3

Linux Kernel 3.3 release candidate 2

3.3

Linux Kernel 3.3 release candidate 3

3.3

Linux Kernel 3.3 release candidate 4

3.3

Linux Kernel 3.3 release candidate 5

3.3

Linux Kernel 3.3 release candidate 6

3.3

Linux Kernel 3.3 release candidate 7

3.3

Linux Kernel 3.3.1

3.3.1

Linux Kernel 3.3.2

3.3.2

Linux Kernel 3.3.3

3.3.3

Linux Kernel 3.3.4

3.3.4

Linux Kernel 3.3.5

3.3.5

Linux Kernel 3.3.6

3.3.6

Linux Kernel 3.3.7

3.3.7

Linux Kernel 3.3.8

3.3.8

Linux Kernel 3.4

3.4

Linux Kernel 3.4 release candidate 1

3.4

Linux Kernel 3.4 release candidate 2

3.4

Linux Kernel 3.4 release candidate 3

3.4

Linux Kernel 3.4 release candidate 4

3.4

Linux Kernel 3.4 release candidate 5

3.4

Linux Kernel 3.4 release candidate 6

3.4

Linux Kernel 3.4 release candidate 7

3.4

Linux Kernel 3.4.1

3.4.1

Linux Kernel 3.4.2

3.4.2

Linux Kernel 3.4.3

3.4.3

Linux Kernel 3.4.4

3.4.4

Linux Kernel 3.4.5

3.4.5

Linux Kernel 3.4.6

3.4.6

Linux Kernel 3.4.7

3.4.7

Linux Kernel 3.4.8

3.4.8

Linux Kernel 3.4.9

3.4.9

Linux Kernel 3.4.10

3.4.10

Linux Kernel 3.4.11

3.4.11

Linux Kernel 3.4.12

3.4.12

Linux Kernel 3.4.13

3.4.13

Linux Kernel 3.4.14

3.4.14

Linux Kernel 3.4.15

3.4.15

Linux Kernel 3.4.16

3.4.16

Linux Kernel 3.4.17

3.4.17

Linux Kernel 3.4.18

3.4.18

Linux Kernel 3.4.19

3.4.19

Linux Kernel 3.4.20

3.4.20

Linux Kernel 3.4.21

3.4.21

Linux Kernel 3.4.22

3.4.22

Linux Kernel 3.4.23

3.4.23

Linux Kernel 3.4.24

3.4.24

Linux Kernel 3.4.25

3.4.25

Linux Kernel 3.4.26

3.4.26

Linux Kernel 3.4.27

3.4.27

Linux Kernel 3.4.28

3.4.28

Linux Kernel 3.4.29

3.4.29

Linux Kernel 3.4.30

3.4.30

Linux Kernel 3.4.31

3.4.31

Linux Kernel 3.4.32

3.4.32

Linux Kernel 3.4.33

3.4.33

Linux Kernel 3.4.34

3.4.34

Linux Kernel 3.4.35

3.4.35

Linux Kernel 3.4.36

3.4.36

Linux Kernel 3.4.37

3.4.37

Linux Kernel 3.4.38

3.4.38

Linux Kernel 3.4.39

3.4.39

Linux Kernel 3.4.40

3.4.40

Linux Kernel 3.4.41

3.4.41

Linux Kernel 3.4.42

3.4.42

Linux Kernel 3.4.43

3.4.43

Linux Kernel 3.4.44

3.4.44

Linux Kernel 3.4.45

3.4.45

Linux Kernel 3.4.46

3.4.46

Linux Kernel 3.4.47

3.4.47

Linux Kernel 3.4.48

3.4.48

Linux Kernel 3.4.49

3.4.49

Linux Kernel 3.4.50

3.4.50

Linux Kernel 3.4.51

3.4.51

Linux Kernel 3.4.52

3.4.52

Linux Kernel 3.4.53

3.4.53

Linux Kernel 3.4.54

3.4.54

Linux Kernel 3.4.55

3.4.55

Linux Kernel 3.4.56

3.4.56

Linux Kernel 3.4.57

3.4.57

Linux Kernel 3.4.58

3.4.58

Linux Kernel 3.4.59

3.4.59

Linux Kernel 3.4.60

3.4.60

Linux Kernel 3.4.61

3.4.61

Linux Kernel 3.4.62

3.4.62

Linux Kernel 3.4.63

3.4.63

Linux Kernel 3.4.64

3.4.64

Linux Kernel 3.4.65

3.4.65

Linux Kernel 3.4.66

3.4.66

Linux Kernel 3.4.67

3.4.67

Linux Kernel 3.4.68

3.4.68

Linux Kernel 3.4.69

3.4.69

Linux Kernel 3.4.70

3.4.70

Linux Kernel 3.4.71

3.4.71

Linux Kernel 3.4.72

3.4.72

Linux Kernel 3.4.73

3.4.73

Linux Kernel 3.4.74

3.4.74

Linux Kernel 3.4.75

3.4.75

Linux Kernel 3.4.76

3.4.76

Linux Kernel 3.4.77

3.4.77

Linux Kernel 3.4.78

3.4.78

Linux Kernel 3.4.79

3.4.79

Linux Kernel 3.5.1

3.5.1

Linux Kernel 3.5.2

3.5.2

Linux Kernel 3.5.3

3.5.3

Linux Kernel 3.5.4

3.5.4

Linux Kernel 3.5.5

3.5.5

Linux Kernel 3.5.6

3.5.6

Linux Kernel 3.5.7

3.5.7

Linux Kernel 3.6

3.6

Linux Kernel 3.6.1

3.6.1

Linux Kernel 3.6.2

3.6.2

Linux Kernel 3.6.3

3.6.3

Linux Kernel 3.6.4

3.6.4

Linux Kernel 3.6.5

3.6.5

Linux Kernel 3.6.6

3.6.6

Linux Kernel 3.6.7

3.6.7

Linux Kernel 3.6.8

3.6.8

Linux Kernel 3.6.9

3.6.9

Linux Kernel 3.6.10

3.6.10

Linux Kernel 3.6.11

3.6.11

Linux Kernel 3.7

3.7

Linux Kernel 3.7.1

3.7.1

Linux Kernel 3.7.2

3.7.2

Linux Kernel 3.7.3

3.7.3

Linux Kernel 3.7.4

3.7.4

Linux Kernel 3.7.5

3.7.5

Linux Kernel 3.7.6

3.7.6

Linux Kernel 3.7.7

3.7.7

Linux Kernel 3.7.8

3.7.8

Linux Kernel 3.7.9

3.7.9

Linux Kernel 3.7.10

3.7.10

Linux Kernel 3.8.0

3.8.0

Linux Kernel 3.8.1

3.8.1

Linux Kernel 3.8.2

3.8.2

Linux Kernel 3.8.3

3.8.3

Linux Kernel 3.8.4

3.8.4

Linux Kernel 3.8.5

3.8.5

Linux Kernel 3.8.6

3.8.6

Linux Kernel 3.8.7

3.8.7

Linux Kernel 3.8.8

3.8.8

Linux Kernel 3.8.9

3.8.9

Linux Kernel 3.8.10

3.8.10

Linux Kernel 3.8.11

3.8.11

Linux Kernel 3.8.12

3.8.12

Linux Kernel 3.8.13

3.8.13

Linux Kernel 3.9 release candidate 1

3.9

Linux Kernel 3.9 release candidate 2

3.9

Linux Kernel 3.9 release candidate 3

3.9

Linux Kernel 3.9 release candidate 4

3.9

Linux Kernel 3.9 release candidate 5

3.9

Linux Kernel 3.9 release candidate 6

3.9

Linux Kernel 3.9 release candidate 7

3.9

Linux Kernel 3.9.0

3.9.0

Linux Kernel 3.9.1

3.9.1

Linux Kernel 3.9.2

3.9.2

Linux Kernel 3.9.3

3.9.3

Linux Kernel 3.9.4

3.9.4

Linux Kernel 3.9.5

3.9.5

Linux Kernel 3.9.6

3.9.6

Linux Kernel 3.9.7

3.9.7

Linux Kernel 3.9.8

3.9.8

Linux Kernel 3.9.9

3.9.9

Linux Kernel 3.9.10

3.9.10

Linux Kernel 3.9.11

3.9.11

Linux Kernel 3.10

3.10

Linux Kernel 3.10.1

3.10.1

Linux Kernel 3.10.2

3.10.2

Linux Kernel 3.10.3

3.10.3

Linux Kernel 3.10.4

3.10.4

Linux Kernel 3.10.5

3.10.5

Linux Kernel 3.10.6

3.10.6

Linux Kernel 3.10.7

3.10.7

Linux Kernel 3.10.8

3.10.8

Linux Kernel 3.10.9

3.10.9

Linux Kernel 3.10.10

3.10.10

Linux Kernel 3.10.11

3.10.11

Linux Kernel 3.10.2

3.10.12

Linux Kernel 3.10.13

3.10.13

Linux Kernel 3.10.14

3.10.14

Linux Kernel 3.10.15

3.10.15

Linux Kernel 3.10.16

3.10.16

Linux Kernel 3.10.17

3.10.17

Linux Kernel 3.10.18

3.10.18

Linux Kernel 3.10.19

3.10.19

Linux Kernel 3.10.20

3.10.20

Linux Kernel 3.10.21

3.10.21

Linux Kernel 3.10.22

3.10.22

Linux Kernel 3.10.23

3.10.23

Linux Kernel 3.10.24

3.10.24

Linux Kernel 3.10.25

3.10.25

Linux Kernel 3.10.26

3.10.26

Linux Kernel 3.10.27

3.10.27

Linux Kernel 3.10.28

3.10.28

Linux Kernel 3.10.29

3.10.29

Linux Kernel 3.11

3.11

Linux Kernel 3.11.1

3.11.1

Linux Kernel 3.11.2

3.11.2

Linux Kernel 3.11.3

3.11.3

Linux Kernel 3.11.4

3.11.4

Linux Kernel 3.11.5

3.11.5

Linux Kernel 3.11.6

3.11.6

Linux Kernel 3.11.7

3.11.7

Linux Kernel 3.11.8

3.11.8

Linux Kernel 3.11.9

3.11.9

Linux Kernel 3.11.10

3.11.10

Linux Kernel 3.12

3.12

Linux Kernel 3.12.1

3.12.1

Linux Kernel 3.12.2

3.12.2

Linux Kernel 3.12.3

3.12.3

Linux Kernel 3.12.4

3.12.4

Linux Kernel 3.12.5

3.12.5

Linux Kernel 3.12.6

3.12.6

Linux Kernel 3.12.7

3.12.7

Linux Kernel 3.12.8

3.12.8

Linux Kernel 3.12.9

3.12.9

Linux Kernel 3.12.10

3.12.10

Linux Kernel 3.12.11

3.12.11

Linux Kernel 3.12.12

3.12.12

Linux Kernel 3.12.13

3.12.13

Linux Kernel 3.12.14

3.12.14

Linux Kernel 3.12.15

3.12.15

Linux Kernel 3.12.16

3.12.16

Linux Kernel 3.12.17

3.12.17

Linux Kernel 3.13

3.13

Linux Kernel 3.13.1

3.13.1

Linux Kernel 3.13.2

3.13.2

Linux Kernel 3.13.3

3.13.3

Linux Kernel 3.13.4

3.13.4

Linux Kernel 3.13.5

3.13.5

Linux Kernel 3.13.6

3.13.6

Linux Kernel 3.13.7

3.13.7

Linux Kernel 3.13.8

3.13.8

Linux Kernel 3.13.9

3.13.9

Linux Kernel 3.13.10

3.13.10

Linux Kernel 3.13.11

3.13.11

Linux Kernel 3.14

3.14

Linux Kernel 3.14 release candidate 1

3.14

Linux Kernel 3.14 release candidate 2

3.14

Linux Kernel 3.14 release candidate 3

3.14

Linux Kernel 3.14 release candidate 4

3.14

Linux Kernel 3.14 release candidate 5

3.14

Linux Kernel 3.14 release candidate 6

3.14

Linux Kernel 3.14 release candidate 7

3.14

Linux Kernel 3.14 release candidate 8

3.14

Linux Kernel 3.14.1

3.14.1

Linux Kernel 3.14.2

3.14.2

Linux Kernel

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=05ab8f2647e4221cbdb3856dd7d32bd5407316b3

http://linux.oracle.com/errata/ELSA-2014-3052.html

58990

59311

59597

60613

DSA-2949

[oss-security] 20140509 Re: CVE request Linux kernel: filter: prevent nla extensions to peek beyond the end of the message

67309

USN-2251-1

USN-2252-1

USN-2259-1

USN-2261-1

USN-2262-1

USN-2263-1

USN-2264-1

https://github.com/torvalds/linux/commit/05ab8f2647e4221cbdb3856dd7d32bd5407316b3

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.