CVE-2014-4611

EPSS 10.11% · P93 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-4611

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

LZ4‘lz4.c’整数溢出漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

LZ4是法国软件开发者Yann Collet所研发的一种无损数据压缩算法。基于32位平台上的Linux kernel 3.15.1及之前的版本的lib/lz4/lz4_decompress.c文件中的‘lz4_uncompress’函数和Yann Collet LZ4 r118之前的版本中使用的LZ4压缩算法中存在整数溢出漏洞。攻击者可利用该漏洞造成拒绝服务（内存损坏），也可能执行任意代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2014-4611

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2014-4611

请登录查看更多情报信息。

http://twitter.com/djrbliss/statuses/485042901399789568x_refsource_MISC
http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.htmlx_refsource_MISC
https://code.google.com/p/lz4/source/detail?r=118x_refsource_CONFIRM
https://github.com/torvalds/linux/commit/206204a1162b995e2185275167b22468c00d6b36x_refsource_CONFIRM
https://www.securitymouse.com/lms-2014-06-16-5x_refsource_MISC
http://fastcompression.blogspot.fr/2014/06/debunking-lz4-20-years-old-bug-myth.htmlx_refsource_MISC
https://www.securitymouse.com/lms-2014-06-16-6x_refsource_MISC
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=206204a1162b995e2185275167b22468c00d6b36x_refsource_CONFIRM
https://code.google.com/p/lz4/issues/detail?id=52x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1112436x_refsource_CONFIRM
http://twitter.com/djrbliss/statuses/484931749013495809x_refsource_MISC
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2x_refsource_CONFIRM
http://secunia.com/advisories/60238third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/59567third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/59770third-party-advisoryx_refsource_SECUNIA
http://www.securitytracker.com/id/1030491vdb-entryx_refsource_SECTRACK
http://lists.opensuse.org/opensuse-updates/2014-07/msg00025.htmlvendor-advisoryx_refsource_SUSE
http://www.openwall.com/lists/oss-security/2014/06/26/24mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r0038b5836e3bc91af3ff93721c0fc55d6543afab8cec47df7361fa0e%40%3Ccommon-dev.hadoop.apache.org%3Emailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r35b9f26c8ad91094d37bea0256012aeb065e32ff73dda5f934fefeb3%40%3Ccommon-issues.hadoop.apache.org%3Emailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r5c9b4826bbd8933e4688db62f6ed9008cabb8f26bcea84d4e309caf7%40%3Ccommon-issues.hadoop.apache.org%3Emailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r62f398f40f522cf59cfd89428835d4ca633a9764d82e4b7a12c37add%40%3Ccommon-issues.hadoop.apache.org%3Emailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rb301598bf24ecb6f4ce405c2a2ae23905fc4dce64277c020fc3883e5%40%3Ccommon-issues.hadoop.apache.org%3Emailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/ra72a62803eeabb6a8dc65032ca81b13ab75c271e4dff2df27c2915bb%40%3Ccommon-issues.hadoop.apache.org%3Emailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r8e0111cd64a455b0a33ab12a50fba724a0218f283c759f16da8864c2%40%3Ccommon-issues.hadoop.apache.org%3Emailing-listx_refsource_MLIST
[jira] [Commented] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611-Apache Mail Archivesmailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rf4cb13d6ee891dfe2307389c8c6594a0cb10d9efb72be8bd2f97cb76%40%3Ccommon-issues.hadoop.apache.org%3Emailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r6c998e1a47c1c3fba61a80d0dcc4b39c7fc452400c7051f685b76c0b%40%3Ccommon-issues.hadoop.apache.org%3Emailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r31eb601a8415525fa4a77b2f624c09be3550599898468ab96d508f90%40%3Ccommon-issues.hadoop.apache.org%3Emailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r229456b1fa718e329232bd7ceca4bd3e81ac55f2ec4db7314f1d7fcb%40%3Ccommon-commits.hadoop.apache.org%3Emailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r6794c8ff8f339d95a80415b0afbe71d5eda1b97bdaca19bec78d0f8f%40%3Ccommon-commits.hadoop.apache.org%3Emailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2014-4611

Same Patch Batch · n/a · 2014-07-03 · 26 CVEs total

CVE-2014-4195		ZeroCMS‘zero_view_article.php’跨站脚本漏洞
CVE-2014-4715		Yann Collet LZ4 数字错误漏洞
CVE-2014-4667		Linux kernel‘sctp_association_free()’函数拒绝服务漏洞
CVE-2014-4656		Linux kernel ALSA 整数溢出漏洞
CVE-2014-4655		Linux kernel ALSA 数字错误漏洞
CVE-2014-4654		Linux kernel ALSA 安全漏洞
CVE-2014-4653		Linux kernel 安全漏洞
CVE-2014-4652		Linux kernel ALSA 竞争条件漏洞
CVE-2014-4608		Linux kernel LZO Implementation‘lzo1x_decompress_safe.c’整数溢出漏洞
CVE-2014-4719		User-Friendly SVN 跨站脚本漏洞
CVE-2014-4718		Lunar CMS 跨站请求伪造漏洞
CVE-2014-4717		WordPress Simple Share Buttons Adder插件跨站请求伪造漏洞
CVE-2014-4716		Thomson Reuters Thomson TWG87OUIR Router‘/goform/RgSecurity’跨站请求伪造漏洞
CVE-2014-0247		LibreOffice 安全漏洞
CVE-2014-4002		Cacti 跨站脚本漏洞
CVE-2014-3920		Kanboard 跨站请求伪造漏洞
CVE-2014-3857		Kerio Control SQL注入漏洞
CVE-2014-3538		file 安全漏洞
CVE-2014-3149		Invision Power Services IP.Board和IP.Nexus 跨站脚本漏洞
CVE-2014-2965		C/o Copperfasten SpamTitan‘auth-settings-x.php’跨站脚本漏洞

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2014-4611

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2014-4611

I. Basic Information for CVE-2014-4611

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2014-4611

III. Intelligence Information for CVE-2014-4611

Same Patch Batch · n/a · 2014-07-03 · 26 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2014-4611

Leave a comment