CVE-2014-3484: Buffer Overflow
Published Feb 20, 2020
·Updated
Last updated 24 July 2024
Affected Software
3 affected componentsFixes available
debian/musl
1.2.2-11.2.3-11.2.5-1.1
Musl-libc Musl>=0.9.13<=1.0.3
Musl-libc Musl>=1.1.0<1.1.2
Remediation
Patch Available
Event History
Feb 20, 2020
CVE Published
via MITRE·03:37 AM
Data Sourced
via MITRE·03:37 AM
DescriptionWeakness
Aug 25, 2024
Data Sourced
via Launchpad·12:43 PM
Description
Sep 14, 2024
Data Sourced
via Ubuntu·12:45 PM
RemedyDescriptionSeverityAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2014-3484?
The severity of CVE-2014-3484 is critical with a severity value of 9.8.
2
What is the affected software for CVE-2014-3484?
The affected software for CVE-2014-3484 is musl libc versions 0.9.13 through 1.0.3 and versions 1.1.0 through 1.1.2.
3
How can remote attackers exploit CVE-2014-3484?
Remote attackers can exploit CVE-2014-3484 by causing a denial of service (crash) via an invalid DNS response or by having unspecified impact through an invalid name length in a DNS response.
4
What is the remedy for CVE-2014-3484 on Ubuntu?
The remedy for CVE-2014-3484 on Ubuntu is to update musl libc to version 0.9.15-1ubuntu0.1~ or higher.
5
What is the remedy for CVE-2014-3484 on Debian?
The remedy for CVE-2014-3484 on Debian is to update musl libc to version 1.1.21-2, 1.2.2-1, or 1.2.3-1.