Executive Summary

Information
Name: CVE-2014-2523
First vendor Publication: 2014-03-24
Vendor: Cve
Last vendor Modification: 2017-12-15

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score: 10
Attack Range: Network
Cvss Impact Score: 10
Attack Complexity: Low
Cvss Exploit Score: 10
Authentication: None Required

Detail

net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2523

CWE : Common Weakness Enumeration

% id Name
100 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24412
 
Oval ID: oval:org.mitre.oval:def:24412
Title: DSA-2906-1 linux-2.6 - several
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.
Family: unix Class: patch
Reference(s): DSA-2906-1
CVE-2013-0343
CVE-2013-2147
CVE-2013-2889
CVE-2013-2893
CVE-2013-2929
CVE-2013-4162
CVE-2013-4299
CVE-2013-4345
CVE-2013-4512
CVE-2013-4587
CVE-2013-6367
CVE-2013-6380
CVE-2013-6381
CVE-2013-6382
CVE-2013-6383
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2013-7339
CVE-2014-0101
CVE-2014-1444
CVE-2014-1445
CVE-2014-1446
CVE-2014-1874
CVE-2014-2039
CVE-2014-2523
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): linux-2.6
Definition Id: oval:org.mitre.oval:def:24846
 
Oval ID: oval:org.mitre.oval:def:24846
Title: USN-2173-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2173-1
CVE-2014-0101
CVE-2014-2523
Version: 4
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Id: oval:org.mitre.oval:def:24577
 
Oval ID: oval:org.mitre.oval:def:24577
Title: RHSA-2014:0475: kernel security and bug fix update (Important)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system.
* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)
* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions. (CVE-2013-6383, Moderate)
* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)
The CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0475-00
CESA-2014:0475
CVE-2013-6383
CVE-2014-0077
CVE-2014-2523
Version: 3
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): kernel
Definition Id: oval:org.mitre.oval:def:24383
 
Oval ID: oval:org.mitre.oval:def:24383
Title: USN-2174-1 -- linux-ec2 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2174-1
CVE-2014-0101
CVE-2014-2523
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Id: oval:org.mitre.oval:def:24573
 
Oval ID: oval:org.mitre.oval:def:24573
Title: ELSA-2014:0475: kernel security and bug fix update (Important)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system.
* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)
* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions. (CVE-2013-6383, Moderate)
* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)
The CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014:0475-00
CVE-2013-6383
CVE-2014-0077
CVE-2014-2523
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Id: oval:org.mitre.oval:def:27347
 
Oval ID: oval:org.mitre.oval:def:27347
Title: ELSA-2014-3016 -- Unbreakable Enterprise kernel security update (important)
Description: kernel-uek [2.6.32-400.34.4uek]
- netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18462076] {CVE-2014-2523}
- net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461091] {CVE-2014-0101}
Family: unix Class: patch
Reference(s): ELSA-2014-3016
CVE-2014-0101
CVE-2014-2523
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
mlnx_en
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Id: oval:org.mitre.oval:def:26883
 
Oval ID: oval:org.mitre.oval:def:26883
Title: ELSA-2014-3014 -- unbreakable enterprise kernel security update (important)
Description: kernel-uek [3.8.13-26.2.2.el6uek]
- netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18421673] {CVE-2014-2523}
- cifs: ensure that uncached writes handle unmapped areas correctly (Jeff Layton) [Orabug: 18461067] {CVE-2014-0069} {CVE-2014-0069}
- net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461065] {CVE-2014-0101}
- vhost-net: insufficient handling of error conditions in get_rx_bufs() (Guangyu Sun) [Orabug: 18461050] {CVE-2014-0055}
Family: unix Class: patch
Reference(s): ELSA-2014-3014
CVE-2014-0055
CVE-2014-0069
CVE-2014-0101
CVE-2014-2523
Version: 5
Platform(s): Oracle Linux 6
Product(s): dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Id: oval:org.mitre.oval:def:26607
 
Oval ID: oval:org.mitre.oval:def:26607
Title: DEPRECATED: ELSA-2014-0475 -- kernel security and bug fix update (important)
Description: A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system.
Family: unix Class: patch
Reference(s): ELSA-2014-0475
CVE-2014-0077
CVE-2013-6383
CVE-2014-2523
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Id: oval:org.mitre.oval:def:26566
 
Oval ID: oval:org.mitre.oval:def:26566
Title: ELSA-2014-3015 -- unbreakable enterprise kernel security update (important)
Description: [2.6.39-400.214.4]
- netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18462070] {CVE-2014-2523}
- net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461090] {CVE-2014-0101}
- vhost-net: insufficient handling of error conditions in get_rx_bufs() (Guangyu Sun) [Orabug: 18461089] {CVE-2014-0055}
Family: unix Class: patch
Reference(s): ELSA-2014-3015
CVE-2014-0055
CVE-2014-0101
CVE-2014-2523
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware

CPE : Common Platform Enumeration

Type Description Count
Os 2044

Nessus® Vulnerability Scanner

Date Description
2017-04-03 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0520.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0593.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2014-0629.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0634.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-328.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0439.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140709.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-124.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-375.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-376.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2223-1.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2224-1.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2225-1.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2228-1.nasl - Type : ACT_GATHER_INFO
2014-05-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2221-1.nasl - Type : ACT_GATHER_INFO
2014-05-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3034.nasl - Type : ACT_GATHER_INFO
2014-05-09 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0475.nasl - Type : ACT_GATHER_INFO
2014-05-09 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0475.nasl - Type : ACT_GATHER_INFO
2014-05-09 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0475.nasl - Type : ACT_GATHER_INFO
2014-05-09 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140507_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-04-27 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2906.nasl - Type : ACT_GATHER_INFO
2014-04-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2173-1.nasl - Type : ACT_GATHER_INFO
2014-04-27 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2174-1.nasl - Type : ACT_GATHER_INFO
2014-03-28 Name : The remote Fedora host is missing a security update.
File : fedora_2014-4317.nasl - Type : ACT_GATHER_INFO
2014-03-28 Name : The remote Fedora host is missing a security update.
File : fedora_2014-4360.nasl - Type : ACT_GATHER_INFO
2014-03-28 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3016.nasl - Type : ACT_GATHER_INFO
2014-03-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3014.nasl - Type : ACT_GATHER_INFO
2014-03-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3015.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/66279
CONFIRM http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b...
https://bugzilla.redhat.com/show_bug.cgi?id=1077343
https://github.com/torvalds/linux/commit/b22f5126a24b3b2f15448c3f2a254fc10cbc...
MISC http://twitter.com/grsecurity/statuses/445496197399461888
MLIST http://www.openwall.com/lists/oss-security/2014/03/17/7
SECTRACK http://www.securitytracker.com/id/1029945
UBUNTU http://www.ubuntu.com/usn/USN-2173-1
http://www.ubuntu.com/usn/USN-2174-1
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/91910

Alert History

Date Information
2019-01-25 12:06:12
  • Multiple Updates
2018-11-17 12:04:44
  • Multiple Updates
2018-10-30 12:06:48
  • Multiple Updates
2018-08-09 12:02:48
  • Multiple Updates
2018-04-25 12:05:37
  • Multiple Updates
2017-12-16 09:21:41
  • Multiple Updates
2017-08-29 09:24:29
  • Multiple Updates
2017-04-04 13:20:39
  • Multiple Updates
2016-08-12 12:01:24
  • Multiple Updates
2016-06-30 21:37:49
  • Multiple Updates
2016-06-28 22:41:30
  • Multiple Updates
2016-04-27 00:35:48
  • Multiple Updates
2014-11-08 13:31:43
  • Multiple Updates
2014-10-12 13:27:15
  • Multiple Updates
2014-07-23 13:25:03
  • Multiple Updates
2014-07-18 13:24:29
  • Multiple Updates
2014-06-14 13:37:21
  • Multiple Updates
2014-05-29 13:23:34
  • Multiple Updates
2014-05-28 13:23:32
  • Multiple Updates
2014-05-21 13:23:32
  • Multiple Updates
2014-05-10 13:25:54
  • Multiple Updates
2014-04-28 13:21:55
  • Multiple Updates
2014-04-01 14:41:34
  • Multiple Updates
2014-03-29 13:23:50
  • Multiple Updates
2014-03-28 13:22:11
  • Multiple Updates
2014-03-25 21:22:00
  • Multiple Updates
2014-03-24 21:24:40
  • First insertion