QwikSec

Security Database

CVE

CWE

Training

CVE-2014-4611

Published: Jul 3, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20140626 LMS-2014-06-16-5: Linux Kernel LZ4

mailing-list

x_refsource_MLIST

https://www.securitymouse.com/lms-2014-06-16-6

x_refsource_MISC

https://code.google.com/p/lz4/source/detail?r=118

x_refsource_CONFIRM

openSUSE-SU-2014:0924

vendor-advisory

x_refsource_SUSE

http://twitter.com/djrbliss/statuses/485042901399789568

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

http://twitter.com/djrbliss/statuses/484931749013495809

x_refsource_MISC

vdb-entry

x_refsource_SECTRACK

third-party-advisory

x_refsource_SECUNIA

http://fastcompression.blogspot.fr/2014/06/debunking-lz4-20-years-old-bug-myth.html

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=206204a1162b995e2185275167b22468c00d6b36

x_refsource_CONFIRM

https://github.com/torvalds/linux/commit/206204a1162b995e2185275167b22468c00d6b36

x_refsource_CONFIRM

http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html

x_refsource_MISC

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1112436

x_refsource_CONFIRM

https://www.securitymouse.com/lms-2014-06-16-5

x_refsource_MISC

https://code.google.com/p/lz4/issues/detail?id=52

x_refsource_CONFIRM

[hadoop-common-issues] 20210916 [jira] [Updated] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611

mailing-list

x_refsource_MLIST

[hadoop-common-dev] 20210916 [jira] [Created] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611

mailing-list

x_refsource_MLIST

[hadoop-common-issues] 20210916 [jira] [Created] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611

mailing-list

x_refsource_MLIST

[hadoop-common-issues] 20210920 [jira] [Updated] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611

mailing-list

x_refsource_MLIST

[hadoop-common-issues] 20210920 [jira] [Commented] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611

mailing-list

x_refsource_MLIST

[hadoop-common-issues] 20210921 [jira] [Updated] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611

mailing-list

x_refsource_MLIST

[hadoop-common-issues] 20210921 [jira] [Commented] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611

mailing-list

x_refsource_MLIST

[hadoop-common-issues] 20210921 [jira] [Comment Edited] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611

mailing-list

x_refsource_MLIST

[hadoop-common-commits] 20210924 [hadoop] branch branch-3.2.3 updated: HADOOP-17917. Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611. Contributed by Brahma Reddy Battula.

mailing-list

x_refsource_MLIST

[hadoop-common-issues] 20210924 [jira] [Updated] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611

mailing-list

x_refsource_MLIST

[hadoop-common-commits] 20210924 [hadoop] branch branch-3.2 updated: HADOOP-17917. Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611. Contributed by Brahma Reddy Battula.

mailing-list

x_refsource_MLIST

[hadoop-common-issues] 20210924 [jira] [Commented] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611

mailing-list

x_refsource_MLIST

[hadoop-common-issues] 20210928 [jira] [Commented] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.