How severe is CVE-2014-3144?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.9 out of 10.

What type of vulnerability is CVE-2014-3144?

This is classified as CWE-190, which is a common weakness in software security.

CVE-2014-3144

MEDIUM Year: 2014

CVSS v2 Score

4.9

Medium

Weakness Type

CWE-190

View all →

Vulnerability Description

The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced.

CVE-2020-27484

CRITICAL

CVSS:9.9(Critical)

Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ ...

CWE-1902020

CVE-2022-1699

CRITICAL

CVSS:9.9(Critical)

Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resou...

CWE-1902022

CVE-2002-0391

CRITICAL

CVSS:9.8(Critical)

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by...

CWE-1902002

CVE-2002-0639

CRITICAL

CVSS:9.8(Critical)

Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using...

CWE-1902002

CVE-2005-0102

CRITICAL

CVSS:9.8(Critical)

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte ...

CWE-1902005

CVE-2005-1141

CRITICAL

CVSS:9.8(Critical)

Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, whi...

CWE-1902005

CVE-2014-3144

Vulnerability Description

Related Vulnerabilities

CVE-2020-27484

CVE-2022-1699

CVE-2002-0391

CVE-2002-0639

CVE-2005-0102

CVE-2005-1141