{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2014-4322","title":"Title"},{"category":"description","text":"drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2014-4322","url":"https://www.suse.com/security/cve/CVE-2014-4322"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 987709 for CVE-2014-4322","url":"https://bugzilla.suse.com/987709"},{"category":"external","summary":"SUSE Bug 994751 for CVE-2014-4322","url":"https://bugzilla.suse.com/994751"}],"title":"SUSE CVE CVE-2014-4322","tracking":{"current_release_date":"2025-10-30T00:54:13Z","generator":{"date":"2023-02-15T05:27:52Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2014-4322","initial_release_date":"2023-02-15T05:27:52Z","revision_history":[{"date":"2023-02-15T05:27:52Z","number":"2","summary":"Current version"},{"date":"2025-03-14T06:41:08Z","number":"3","summary":"Current version"},{"date":"2025-03-16T12:11:46Z","number":"4","summary":"Current version"},{"date":"2025-03-18T03:48:25Z","number":"5","summary":"Current version"},{"date":"2025-10-08T00:23:58Z","number":"6","summary":"Current version"},{"date":"2025-10-30T00:54:13Z","number":"7","summary":"Current version"}],"status":"interim","version":"7"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Desktop 12 SP1","product":{"name":"SUSE Linux Enterprise Desktop 12 SP1","product_id":"SUSE Linux Enterprise Desktop 12 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sled:12:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP1","product":{"name":"SUSE Linux Enterprise Server 12 SP1","product_id":"SUSE Linux Enterprise Server 12 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server Teradata 12 SP3","product":{"name":"SUSE Linux Enterprise Server Teradata 12 SP3","product_id":"SUSE Linux Enterprise Server Teradata 12 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sles_teradata:12:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP4","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp4"}}},{"category":"product_version","name":"kernel-default","product":{"name":"kernel-default","product_id":"kernel-default","product_identification_helper":{"cpe":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/kernel-default@?upstream=kernel-default.src.rpm"}}},{"category":"product_version","name":"kernel-default-base","product":{"name":"kernel-default-base","product_id":"kernel-default-base","product_identification_helper":{"cpe":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/kernel-default-base@?upstream=kernel-default.src.rpm"}}},{"category":"product_version","name":"kernel-default-devel","product":{"name":"kernel-default-devel","product_id":"kernel-default-devel","product_identification_helper":{"cpe":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/kernel-default-devel@?upstream=kernel-default.src.rpm"}}},{"category":"product_version","name":"kernel-default-extra","product":{"name":"kernel-default-extra","product_id":"kernel-default-extra","product_identification_helper":{"cpe":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/kernel-default-extra@?upstream=kernel-default.src.rpm"}}},{"category":"product_version","name":"kernel-default-man","product":{"name":"kernel-default-man","product_id":"kernel-default-man","product_identification_helper":{"cpe":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/kernel-default-man@?upstream=kernel-default.src.rpm"}}},{"category":"product_version","name":"kernel-devel","product":{"name":"kernel-devel","product_id":"kernel-devel","product_identification_helper":{"cpe":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/kernel-devel@?upstream=kernel-source.src.rpm"}}},{"category":"product_version","name":"kernel-macros","product":{"name":"kernel-macros","product_id":"kernel-macros","product_identification_helper":{"cpe":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/kernel-macros@?upstream=kernel-source.src.rpm"}}},{"category":"product_version","name":"kernel-source","product":{"name":"kernel-source","product_id":"kernel-source","product_identification_helper":{"cpe":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/kernel-source@?upstream=kernel-source.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"kernel-default as component of SUSE Linux Enterprise Desktop 12 SP1","product_id":"SUSE Linux Enterprise Desktop 12 SP1:kernel-default"},"product_reference":"kernel-default","relates_to_product_reference":"SUSE Linux Enterprise Desktop 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-devel as component of SUSE Linux Enterprise Desktop 12 SP1","product_id":"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel"},"product_reference":"kernel-default-devel","relates_to_product_reference":"SUSE Linux Enterprise Desktop 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-extra as component of SUSE Linux Enterprise Desktop 12 SP1","product_id":"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra"},"product_reference":"kernel-default-extra","relates_to_product_reference":"SUSE Linux Enterprise Desktop 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel as component of SUSE Linux Enterprise Desktop 12 SP1","product_id":"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel"},"product_reference":"kernel-devel","relates_to_product_reference":"SUSE Linux Enterprise Desktop 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-macros as component of SUSE Linux Enterprise Desktop 12 SP1","product_id":"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros"},"product_reference":"kernel-macros","relates_to_product_reference":"SUSE Linux Enterprise Desktop 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-source as component of SUSE Linux Enterprise Desktop 12 SP1","product_id":"SUSE Linux Enterprise Desktop 12 SP1:kernel-source"},"product_reference":"kernel-source","relates_to_product_reference":"SUSE Linux Enterprise Desktop 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-default as component of SUSE Linux Enterprise Server 12 SP1","product_id":"SUSE Linux Enterprise Server 12 SP1:kernel-default"},"product_reference":"kernel-default","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-base as component of SUSE Linux Enterprise Server 12 SP1","product_id":"SUSE Linux Enterprise Server 12 SP1:kernel-default-base"},"product_reference":"kernel-default-base","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-devel as component of SUSE Linux Enterprise Server 12 SP1","product_id":"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel"},"product_reference":"kernel-default-devel","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-man as component of SUSE Linux Enterprise Server 12 SP1","product_id":"SUSE Linux Enterprise Server 12 SP1:kernel-default-man"},"product_reference":"kernel-default-man","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel as component of SUSE Linux Enterprise Server 12 SP1","product_id":"SUSE Linux Enterprise Server 12 SP1:kernel-devel"},"product_reference":"kernel-devel","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-macros as component of SUSE Linux Enterprise Server 12 SP1","product_id":"SUSE Linux Enterprise Server 12 SP1:kernel-macros"},"product_reference":"kernel-macros","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-source as component of SUSE Linux Enterprise Server 12 SP1","product_id":"SUSE Linux Enterprise Server 12 SP1:kernel-source"},"product_reference":"kernel-source","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-default as component of SUSE Linux Enterprise Server 12 SP2","product_id":"SUSE Linux Enterprise Server 12 SP2:kernel-default"},"product_reference":"kernel-default","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP2"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-base as component of SUSE Linux Enterprise Server 12 SP2","product_id":"SUSE Linux Enterprise Server 12 SP2:kernel-default-base"},"product_reference":"kernel-default-base","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP2"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-devel as component of SUSE Linux Enterprise Server 12 SP2","product_id":"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel"},"product_reference":"kernel-default-devel","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP2"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-man as component of SUSE Linux Enterprise Server 12 SP2","product_id":"SUSE Linux Enterprise Server 12 SP2:kernel-default-man"},"product_reference":"kernel-default-man","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP2"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel as component of SUSE Linux Enterprise Server 12 SP2","product_id":"SUSE Linux Enterprise Server 12 SP2:kernel-devel"},"product_reference":"kernel-devel","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP2"},{"category":"default_component_of","full_product_name":{"name":"kernel-macros as component of SUSE Linux Enterprise Server 12 SP2","product_id":"SUSE Linux Enterprise Server 12 SP2:kernel-macros"},"product_reference":"kernel-macros","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP2"},{"category":"default_component_of","full_product_name":{"name":"kernel-source as component of SUSE Linux Enterprise Server 12 SP2","product_id":"SUSE Linux Enterprise Server 12 SP2:kernel-source"},"product_reference":"kernel-source","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP2"},{"category":"default_component_of","full_product_name":{"name":"kernel-default as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:kernel-default"},"product_reference":"kernel-default","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-base as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:kernel-default-base"},"product_reference":"kernel-default-base","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-devel as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel"},"product_reference":"kernel-default-devel","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-man as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:kernel-default-man"},"product_reference":"kernel-default-man","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:kernel-devel"},"product_reference":"kernel-devel","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-macros as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:kernel-macros"},"product_reference":"kernel-macros","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-source as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:kernel-source"},"product_reference":"kernel-source","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-default as component of SUSE Linux Enterprise Server Teradata 12 SP3","product_id":"SUSE Linux Enterprise Server Teradata 12 SP3:kernel-default"},"product_reference":"kernel-default","relates_to_product_reference":"SUSE Linux Enterprise Server Teradata 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-source as component of SUSE Linux Enterprise Server Teradata 12 SP3","product_id":"SUSE Linux Enterprise Server Teradata 12 SP3:kernel-source"},"product_reference":"kernel-source","relates_to_product_reference":"SUSE Linux Enterprise Server Teradata 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-default as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default"},"product_reference":"kernel-default","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-base as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base"},"product_reference":"kernel-default-base","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-devel as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel"},"product_reference":"kernel-default-devel","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel"},"product_reference":"kernel-devel","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-macros as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros"},"product_reference":"kernel-macros","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-source as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source"},"product_reference":"kernel-source","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP4"}]},"vulnerabilities":[{"cve":"CVE-2014-4322","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-4322"}],"notes":[{"category":"general","text":"drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application.","title":"CVE description"}],"product_status":{"known_not_affected":["SUSE Linux Enterprise Desktop 12 SP1:kernel-default","SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel","SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra","SUSE Linux Enterprise Desktop 12 SP1:kernel-devel","SUSE Linux Enterprise Desktop 12 SP1:kernel-macros","SUSE Linux Enterprise Desktop 12 SP1:kernel-source","SUSE Linux Enterprise Server 12 SP1:kernel-default","SUSE Linux Enterprise Server 12 SP1:kernel-default-base","SUSE Linux Enterprise Server 12 SP1:kernel-default-devel","SUSE Linux Enterprise Server 12 SP1:kernel-default-man","SUSE Linux Enterprise Server 12 SP1:kernel-devel","SUSE Linux Enterprise Server 12 SP1:kernel-macros","SUSE Linux Enterprise Server 12 SP1:kernel-source","SUSE Linux Enterprise Server Teradata 12 SP3:kernel-default","SUSE Linux Enterprise Server Teradata 12 SP3:kernel-source","SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default","SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base","SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel","SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel","SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros","SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source"]},"references":[{"category":"external","summary":"CVE-2014-4322","url":"https://www.suse.com/security/cve/CVE-2014-4322"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 987709 for CVE-2014-4322","url":"https://bugzilla.suse.com/987709"},{"category":"external","summary":"SUSE Bug 994751 for CVE-2014-4322","url":"https://bugzilla.suse.com/994751"}],"remediations":[{"category":"no_fix_planned","details":"There is no fix planned for these products.\n","product_ids":["SUSE Linux Enterprise Server 12 SP2:kernel-devel","SUSE Linux Enterprise Server 12 SP2:kernel-macros","SUSE Linux Enterprise Server 12 SP2:kernel-source","SUSE Linux Enterprise Server 12 SP2:kernel-default","SUSE Linux Enterprise Server 12 SP2:kernel-default-base","SUSE Linux Enterprise Server 12 SP2:kernel-default-devel","SUSE Linux Enterprise Server 12 SP2:kernel-default-man","SUSE Linux Enterprise Server 12 SP4:kernel-default","SUSE Linux Enterprise Server 12 SP4:kernel-default-base","SUSE Linux Enterprise Server 12 SP4:kernel-default-devel","SUSE Linux Enterprise Server 12 SP4:kernel-default-man","SUSE Linux Enterprise Server 12 SP4:kernel-devel","SUSE Linux Enterprise Server 12 SP4:kernel-macros","SUSE Linux Enterprise Server 12 SP4:kernel-source"]}],"threats":[{"category":"impact","date":"2014-12-24T18:16:15Z","details":"important"}],"title":"CVE-2014-4322"}]}