Unrated severityNVD Advisory· Published Sep 28, 2014· Updated May 6, 2026
CVE-2014-3185
CVE-2014-3185
Description
Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
19- lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.htmlnvdThird Party AdvisoryVDB Entry
- lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.htmlnvdThird Party AdvisoryVDB Entry
- lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.htmlnvdThird Party AdvisoryVDB Entry
- lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.htmlnvdThird Party AdvisoryVDB Entry
- rhn.redhat.com/errata/RHSA-2014-1318.htmlnvdThird Party AdvisoryVDB Entry
- rhn.redhat.com/errata/RHSA-2015-0284.htmlnvdThird Party AdvisoryVDB Entry
- www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.2nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/69781nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2374-1nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2375-1nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2376-1nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2377-1nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2378-1nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2379-1nvdThird Party AdvisoryVDB Entry
- code.google.com/p/google-security-research/issues/detailnvdThird Party Advisory
- github.com/torvalds/linux/commit/6817ae225cd650fb1c3295d769298c38b1eba818nvdThird Party Advisory
- git.kernel.orgnvdBroken Link
- www.openwall.com/lists/oss-security/2014/09/11/21nvdMailing List
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
News mentions
0No linked articles in our index yet.