CVE-2014-8709

Linux kernel <3.13.5 - Info Disclosure

Title source: llm
STIX 2.1

Description

The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets.

References (13)

Core 13
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037968
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/98922
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/70965
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-0290.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1272.html
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2014/11/09/1

Scores

EPSS 0.0452
EPSS Percentile 90.4%

Details

CWE
CWE-200
Status published
Products (5)
linux/linux_kernel 3.13
linux/linux_kernel 3.13.1
linux/linux_kernel 3.13.2
linux/linux_kernel 3.13.3
linux/linux_kernel < 3.13.4
Published Nov 10, 2014
Tracked Since Feb 18, 2026