VIR Vulnerability Intelligence Relay

CVE-2014-7284

medium
Published 2014-10-13 · Modified 2026-05-06
CVSS v3
CVSS v2
6.4
VIR risk
6.4

Description

The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by leveraging the predictability of TCP sequence numbers, TCP and UDP port numbers, and IP ID values.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2014-7284

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed3.16.2-1
debian debianbullseyefixed3.16.2-1
debian debianforkyfixed3.16.2-1
debian debiansidfixed3.16.2-1
debian debiantrixiefixed3.16.2-1
linux linux-kernel3.13.1affected
linux linux-kernel3.13.2affected
linux linux-kernel3.13.3affected
linux linux-kernel3.13.4affected
linux linux-kernel3.13.5affected
linux linux-kernel3.13.6affected
linux linux-kernel3.13.7affected
linux linux-kernel3.13.8affected
linux linux-kernel3.13.9affected
linux linux-kernel3.13.10affected
linux linux-kernel3.13.11affected
linux linux-kernel3.14.1affected
linux linux-kernel3.14.2affected
linux linux-kernel3.14.3affected
linux linux-kernel3.14.4affected

References

CWEs

CWE-200

Verify integrity in audit chain (admin only). AS-IS.