Unrated severityNVD Advisory· Published Sep 28, 2014· Updated May 6, 2026

CVE-2014-3186

Description

Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that sends a large report.

Affected products

Canonical/Ubuntu Linux2 versions
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: >=2.6.35,<3.2.63

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

git.kernel.orgnvdVendor Advisory
lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.htmlnvdMailing ListThird Party Advisory
www.securityfocus.com/bid/69763nvdThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/USN-2376-1nvdThird Party Advisory
www.ubuntu.com/usn/USN-2377-1nvdThird Party Advisory
www.ubuntu.com/usn/USN-2378-1nvdThird Party Advisory
www.ubuntu.com/usn/USN-2379-1nvdThird Party Advisory
bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
code.google.com/p/google-security-research/issues/detailnvdThird Party Advisory
github.com/torvalds/linux/commit/844817e47eef14141cf59b8d5ac08dd11c0a9189nvdThird Party Advisory
www.openwall.com/lists/oss-security/2014/09/11/22nvdMailing List

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000