Unrated severityNVD Advisory· Published Jun 11, 2014· Updated Jun 17, 2026
CVE-2014-2977
CVE-2014-2977
Description
Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14- cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*
- osv-coords6 versionspkg:rpm/opensuse/DirectFB&distro=openSUSE%20Tumbleweedpkg:rpm/suse/DirectFB&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/DirectFB&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/DirectFB&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/DirectFB&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/DirectFB&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012
< 1.7.7-5.9+ 5 more
- (no CPE)range: < 1.7.7-5.9
- (no CPE)range: < 1.7.1-4.1
- (no CPE)range: < 1.7.1-4.1
- (no CPE)range: < 1.7.1-4.1
- (no CPE)range: < 1.7.1-4.1
- (no CPE)range: < 1.7.1-4.1
Patches
Vulnerability mechanics
References
8- advisories.mageia.org/MGASA-2015-0176.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-04/msg00019.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-05/msg00003.htmlnvd
- mail.directfb.org/pipermail/directfb-dev/2014-March/006805.htmlnvd
- secunia.com/advisories/58448nvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2014/05/15/9nvd
- security.gentoo.org/glsa/201701-55nvd
News mentions
0No linked articles in our index yet.