The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
Metrics
Affected Vendors & Products
References
History
Tue, 13 Aug 2024 23:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: Chrome
Published: 2014-06-07T14:00:00
Updated: 2024-08-06T10:35:56.633Z
Reserved: 2014-05-03T00:00:00
Link: CVE-2014-3153
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2014-06-07T14:55:27.240
Modified: 2024-12-19T18:24:49.963
Link: CVE-2014-3153
Redhat