CVE-2014-8321

HIGH

aircrack-ng < 1.2 RC 1 - Local Privilege Escalation via GPS Tracker Buffer Overflow

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors.

References (5)

Core 5
Core References
Product, Release Notes, Third Party Advisory x_refsource_confirm
http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html
Patch, Third Party Advisory x_refsource_misc
https://github.com/aircrack-ng/aircrack-ng/pull/13
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/98458

Scores

CVSS v3 7.8
EPSS 0.0081
EPSS Percentile 52.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (2)
aircrack-ng/aircrack-ng 1.2 beta1 (3 CPE variants)
aircrack-ng/aircrack-ng < 1.1
Published Jan 31, 2020
Tracked Since Feb 18, 2026