CVE-2014-4322 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2014-4322 Interim 1 9 2022-10-15T17:16:12Z current 2021-05-30T13:21:58Z 2022-10-15T17:16:12Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2014-4322 drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server Teradata 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 kernel-default kernel-default-base kernel-default-devel kernel-default-extra kernel-default-man kernel-devel kernel-macros kernel-source kernel-default as a component of SUSE Linux Enterprise Desktop 12 SP1 kernel-default-devel as a component of SUSE Linux Enterprise Desktop 12 SP1 kernel-default-extra as a component of SUSE Linux Enterprise Desktop 12 SP1 kernel-devel as a component of SUSE Linux Enterprise Desktop 12 SP1 kernel-macros as a component of SUSE Linux Enterprise Desktop 12 SP1 kernel-source as a component of SUSE Linux Enterprise Desktop 12 SP1 kernel-default as a component of SUSE Linux Enterprise Server 12 SP1 kernel-default-base as a component of SUSE Linux Enterprise Server 12 SP1 kernel-default-devel as a component of SUSE Linux Enterprise Server 12 SP1 kernel-default-man as a component of SUSE Linux Enterprise Server 12 SP1 kernel-devel as a component of SUSE Linux Enterprise Server 12 SP1 kernel-macros as a component of SUSE Linux Enterprise Server 12 SP1 kernel-source as a component of SUSE Linux Enterprise Server 12 SP1 kernel-default as a component of SUSE Linux Enterprise Server Teradata 12 SP3 kernel-source as a component of SUSE Linux Enterprise Server Teradata 12 SP3 kernel-default as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 kernel-default-base as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 kernel-default-devel as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 kernel-devel as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 kernel-macros as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 kernel-source as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application. CVE-2014-4322 SUSE Linux Enterprise Desktop 12 SP1:kernel-default SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra SUSE Linux Enterprise Desktop 12 SP1:kernel-devel SUSE Linux Enterprise Desktop 12 SP1:kernel-macros SUSE Linux Enterprise Desktop 12 SP1:kernel-source SUSE Linux Enterprise Server 12 SP1:kernel-default SUSE Linux Enterprise Server 12 SP1:kernel-default-base SUSE Linux Enterprise Server 12 SP1:kernel-default-devel SUSE Linux Enterprise Server 12 SP1:kernel-default-man SUSE Linux Enterprise Server 12 SP1:kernel-devel SUSE Linux Enterprise Server 12 SP1:kernel-macros SUSE Linux Enterprise Server 12 SP1:kernel-source SUSE Linux Enterprise Server Teradata 12 SP3:kernel-default SUSE Linux Enterprise Server Teradata 12 SP3:kernel-source SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C