Linux Kernel CVE Statistics

8 Linux Kernel CVEs in August 2014

Full month · Source: NIST NVD

July 2014 September 2014

In August 2014, 8 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 6 were rated High severity and 2 Medium. CVE-2013-2597 was confirmed as actively exploited in the wild and added to the CISA Known Exploited Vulnerabilities catalog. August's 8 CVEs represent 6% of all 2014 Linux kernel CVEs , down from July's 10 (a 20% month-over-month decrease) .

8
Total CVEs
0
Critical
6
High
2
Medium
0
Low
1
KEV Exploited

Actively Exploited CVEs — August 2014

1 CVE in CISA KEV

CVE-2013-2597 is the only Linux kernel CVE from August 2014 confirmed as actively exploited in the wild. It carries a CVSS score of 8.4 (High severity) and is listed in the CISA Known Exploited Vulnerabilities catalog.

CVE ID Severity CVSS Published Description
CVE-2013-2597 High KEV 8.4 2014-08-31 Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for…
KEV data sourced from CISA Known Exploited Vulnerabilities catalog.
All CVEs — August 2014 8 CVEs
All (8) Critical (0) High (6) Medium (2) Low (0)
CVE ID Package Severity CVSS Published Description
CVE-2013-2597 linux High KEV 8.4 2014-08-31 Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.…
CVE-2013-2595 linux High 7.2 2014-08-31 The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcom…
CVE-2014-5206 linux High 7.2 2014-08-18 The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bi…
CVE-2014-0972 linux High 7.2 2014-08-01 The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions f…
CVE-2014-3534 linux High 7.2 2014-08-01 arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-spa…
CVE-2014-5077 linux High 7.1 2014-08-01 The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is …
CVE-2014-5207 linux Medium 6.2 2014-08-18 fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NO…
CVE-2014-5045 linux Medium 6.2 2014-08-01 The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain refer…

Frequently Asked Questions

How many Linux kernel CVEs were published in August 2014?

8 Linux kernel CVEs were published in August 2014, sourced from the NIST National Vulnerability Database. Of these, 0 were rated Critical severity, 6 High, and 2 Medium.

Which Linux kernel CVEs from August 2014 are actively exploited?

1 Linux kernel CVE from August 2014 is listed in the CISA Known Exploited Vulnerabilities catalog: CVE-2013-2597 (CVSS 8.4) . This indicates confirmed active exploitation in the wild. View all actively exploited 2014 CVEs →

How does August 2014 compare to other months?

August 2014's 8 CVEs represent 6% of all 2014 Linux kernel CVEs. Compared to July's 10 CVEs, this was a 20% decrease month-over-month. View the full 2014 breakdown →

July 2014 2014 statistics September 2014