Linux Kernel CVE Statistics
11 Linux Kernel CVEs in April 2014
Full month · Source: NIST NVD
In April 2014, 11 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 2 were rated High severity and 8 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. April's 11 CVEs represent 8% of all 2014 Linux kernel CVEs , up from March's 10 (a 10% month-over-month increase) .
11
Total CVEs
0
Critical
2
High
8
Medium
1
Low
0
KEV Exploited
All CVEs — April 2014
11 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2014-2706 | linux | High | 7.1 | 2014-04-14 | Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of… | |
| CVE-2014-2672 | linux | High | 7.1 | 2014-04-01 | Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.… | |
| CVE-2014-2851 | linux | Medium | 6.9 | 2014-04-14 | Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local user… | |
| CVE-2014-0155 | linux | Medium | 5.5 | 2014-04-14 | The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_… | |
| CVE-2014-0077 | linux | Medium | 5.5 | 2014-04-14 | drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate… | |
| CVE-2014-2673 | linux | Medium | 4.7 | 2014-04-01 | The arch_dup_task_struct function in the Transactional Memory (TM) implementation in arch/powerpc/kernel/process.c in t… | |
| CVE-2014-2678 | linux | Medium | 4.7 | 2014-04-01 | The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial o… | |
| CVE-2014-2889 | linux | Medium | 4.6 | 2014-04-27 | Off-by-one error in the bpf_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 3.1.8, when … | |
| CVE-2014-2739 | linux | Medium | 4.6 | 2014-04-14 | The cma_req_handler function in drivers/infiniband/core/cma.c in the Linux kernel 3.14.x through 3.14.1 attempts to res… | |
| CVE-2013-7348 | linux | Medium | 4.6 | 2014-04-01 | Double free vulnerability in the ioctx_alloc function in fs/aio.c in the Linux kernel before 3.12.4 allows local users … | |
| CVE-2014-0181 | linux | Low | 2.1 | 2014-04-27 | The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket opera… |