CVE-2014-3153
Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
Vulnerability Description
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
Affected Platforms (CPE)
💻
Linux
Linux Kernel
< 3.2.60💻
Linux
Linux Kernel
>= 3.3 and < 3.4.92💻
Linux
Linux Kernel
>= 3.5 and < 3.10.42💻
Linux
Linux Kernel
>= 3.11 and < 3.12.22💻
Linux
Linux Kernel
>= 3.13 and < 3.14.6💻
Redhat
Enterprise Linux Server Aus
= 6.2💻
Opensuse
Opensuse
= 11.4💻
Suse
Linux Enterprise Desktop
= 11💻
Suse
Linux Enterprise High Availability Extension
= 11💻
Suse
Linux Enterprise Real Time Extension
= 11💻
Suse
Linux Enterprise Server
= 11💻
Suse
Linux Enterprise Server
= 11💻
Suse
Linux Enterprise Server
= 11💻
Suse
Linux Enterprise Server
= 11💻
Canonical
Ubuntu Linux
= 12.04💻
Canonical
Ubuntu Linux
= 14.04💻
Oracle
Linux
= 5💻
Oracle