CVE-2014-1737

Published May 11, 2014

Last updated 3 months ago

CVSS info 7.2

Overview

Description: The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.
Source: chrome-cve-admin@google.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-754

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74BC856E-F9AD-434B-8F63-644F2AC5F067",
            "versionEndExcluding": "3.2.59"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD302139-CFCB-4323-9D29-011D8936F1C3",
            "versionEndExcluding": "3.4.90",
            "versionStartIncluding": "3.3"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "287DC65B-A513-4FB9-A1CF-69F428030DF8",
            "versionEndExcluding": "3.10.40",
            "versionStartIncluding": "3.5"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D82F8C94-5FA7-4A7A-8855-ECF21B3BBD42",
            "versionEndExcluding": "3.12.20",
            "versionStartIncluding": "3.11"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9996644C-371E-49B9-A494-733B1EA513EC",
            "versionEndExcluding": "3.14.4",
            "versionStartIncluding": "3.13"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B"
          },
          {
            "criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3A907A3-2A3A-46D4-8D75-914649877B65"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DB41B45-D94D-4A58-88B0-B3EC3EC350E2"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "903512FC-0017-4564-9B89-7E64FFB14B11"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References