CVE-2014-1737

Published: 11/05/2014 Updated: 07/11/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 642
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel up to and including 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

Vulnerable Product

linux linux kernel

oracle linux 5

oracle linux 6

debian debian linux 7.0

debian debian linux 6.0

suse linux enterprise desktop 11

suse linux enterprise server 11

suse linux enterprise real time extension 11

suse linux enterprise high availability extension 11

redhat enterprise linux eus 6.3

redhat enterprise linux eus 5.6

Vendor Advisories

Debian Bug report logs - #747166 CVE-2014-0196: pty layer race condition memory corruption. Package: linux; Maintainer for linux is Debian Kernel Team <debian-kernel@lists.debian.org>; Reported by: Henri Salo <henri@nerv.fi>; Date: Tue, 6 May 2014 07:00:01 UTC; Severity: grave; Tags: security; Found in versions 3241-2 ...
Debian Bug report logs - #747326 CVE-2014-3122: try_to_unmap_cluster() should lock_page() before mlocking. Package: linux; Maintainer for linux is Debian Kernel Team <debian-kernel@lists.debian.org>; Reported by: Henri Salo <henri@nerv.fi>; Date: Wed, 7 May 2014 14:48:02 UTC; Severity: important; Tags: fixed-upstream, p ...
A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory (CVE-2014-1737, Important). It was found that the Linux kerne ...
Several security issues were fixed in the kernel ...