VYPR
Unrated severityNVD Advisory· Published Oct 13, 2014· Updated Jun 17, 2026

CVE-2014-7284

CVE-2014-7284

Description

The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by leveraging the predictability of TCP sequence numbers, TCP and UDP port numbers, and IP ID values.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

16
  • Linux/Kernel16 versions
    cpe:2.3:o:linux:linux_kernel:3.13.1:*:*:*:*:*:*:*+ 15 more
    • cpe:2.3:o:linux:linux_kernel:3.13.1:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.13.10:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.13.11:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.13.2:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.13.3:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.13.4:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.13.5:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.13.6:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.13.7:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.13.8:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.13.9:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.14.1:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.14.2:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.14.3:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:3.14.4:*:*:*:*:*:*:*
    • (no CPE)range: >=3.13, <3.14.5

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.