CVE-2014-9904 vulnerability in Linux and Other Products
Published on June 27, 2016

The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2014-9904

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2014-9904 are published in these products:

Linux Kernel

Debian Linux

Novell Suse Linux Enterprise Real Time Extension

Exploit Probability

EPSS

0.04%

Percentile

11.55%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2014-9904 vulnerability in Linux and Other ProductsPublished on June 27, 2016

Products Associated with CVE-2014-9904

Exploit Probability

CVE-2014-9904 vulnerability in Linux and Other Products
Published on June 27, 2016