CVE-2014-9904

CWE-190 — Integer Overflow12 documents9 sources

Severity

7.8HIGH

EPSS

0.0%

top 88.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Debian Linux Novell Suse Linux Enterprise Real Time Extension

Timeline

PublishedJun 27

Latest updateMay 17

Description

The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶NVDlinux/linux_kernel3.7 — 3.12.62+1

▶Debianlinux< 4.0.2-1+3

▶Ubuntulinux< 3.13.0-101.148

▶NVDnovell/suse_linux_enterprise_real_time_extension12

Also affects: Debian Linux 8.0

Patches

Patch: git.kernel.org ↗Patch: github.com ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-94qv-77gg-mfm4: The snd_compress_check_input function in sound/core/compress_offload↗2022-05-17

▶

OSV

linux vulnerabilities↗2016-11-11

▶

OSV

CVE-2014-9904: The snd_compress_check_input function in sound/core/compress_offload↗2016-06-27

▶

CVEList

CVE-2014-9904: The snd_compress_check_input function in sound/core/compress_offload↗2016-06-27

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2016-11-11

▶

Ubuntu

Linux kernel (Trusty HWE) vulnerabilities↗2016-11-11

▶

Android

CVE-2014-9904: Android Security Bulletin 2016-08-01 CVE: CVE-2014-9904 Severity: HIGH References: A-28592007 Upstream kernel↗2016-08-01

▶

Red Hat

kernel: Integer overflow in snd_compr_allocate_buffer()↗2014-07-16

▶

Debian

CVE-2014-9904: linux - The snd_compress_check_input function in sound/core/compress_offload.c in the AL...↗2014

▶

💬Community

Bugzilla

CVE-2012-6703 kernel: Integer overflow in compress_core↗2016-06-29

▶

Bugzilla

CVE-2014-9904 kernel: Integer overflow in snd_compr_allocate_buffer()↗2016-06-28

▶