CVE-2014-4608

EPSS 8.60% · P92 Updated Jan 28, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-4608

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says "the Linux kernel is *not* affected; media hype.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel LZO Implementation‘lzo1x_decompress_safe.c’整数溢出漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.15.1及之前版本的LZO解码器中的lib/lzo/lzo1x_decompress_safe.c文件的‘lzo1x_decompress_safe’函数存在整数溢出漏洞。远程攻击者可利用该漏洞造成拒绝服务（内存损坏）。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2014-4608

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2014-4608

请登录查看更多情报信息。

http://www.oberhumer.com/opensource/lzo/x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1113899x_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=206a81c18401c0cde6e579164f752c4b147324cex_refsource_CONFIRM
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2x_refsource_CONFIRM
http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.htmlx_refsource_MISC
https://www.securitymouse.com/lms-2014-06-16-2x_refsource_MISC
http://www.securityfocus.com/bid/68214vdb-entryx_refsource_BID
http://secunia.com/advisories/62633third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/60011third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/60174third-party-advisoryx_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-2420-1vendor-advisoryx_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2417-1vendor-advisoryx_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2416-1vendor-advisoryx_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2418-1vendor-advisoryx_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2421-1vendor-advisoryx_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2419-1vendor-advisoryx_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2015-0062.htmlvendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.htmlvendor-advisoryx_refsource_SUSE
http://www.openwall.com/lists/oss-security/2014/06/26/21mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2014-4608

Same Patch Batch · n/a · 2014-07-03 · 26 CVEs total

CVE-2014-4195		ZeroCMS‘zero_view_article.php’跨站脚本漏洞
CVE-2014-4715		Yann Collet LZ4 数字错误漏洞
CVE-2014-4667		Linux kernel‘sctp_association_free()’函数拒绝服务漏洞
CVE-2014-4656		Linux kernel ALSA 整数溢出漏洞
CVE-2014-4655		Linux kernel ALSA 数字错误漏洞
CVE-2014-4654		Linux kernel ALSA 安全漏洞
CVE-2014-4653		Linux kernel 安全漏洞
CVE-2014-4652		Linux kernel ALSA 竞争条件漏洞
CVE-2014-4611		LZ4‘lz4.c’整数溢出漏洞
CVE-2014-4719		User-Friendly SVN 跨站脚本漏洞
CVE-2014-4718		Lunar CMS 跨站请求伪造漏洞
CVE-2014-4717		WordPress Simple Share Buttons Adder插件跨站请求伪造漏洞
CVE-2014-4716		Thomson Reuters Thomson TWG87OUIR Router‘/goform/RgSecurity’跨站请求伪造漏洞
CVE-2014-0247		LibreOffice 安全漏洞
CVE-2014-4002		Cacti 跨站脚本漏洞
CVE-2014-3920		Kanboard 跨站请求伪造漏洞
CVE-2014-3857		Kerio Control SQL注入漏洞
CVE-2014-3538		file 安全漏洞
CVE-2014-3149		Invision Power Services IP.Board和IP.Nexus 跨站脚本漏洞
CVE-2014-2965		C/o Copperfasten SpamTitan‘auth-settings-x.php’跨站脚本漏洞

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2014-4608

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2014-4608

I. Basic Information for CVE-2014-4608

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2014-4608

III. Intelligence Information for CVE-2014-4608

Same Patch Batch · n/a · 2014-07-03 · 26 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2014-4608

Leave a comment