// For flags

CVE-2014-2672

kernel: ath9k: tid->sched race in ath_tx_aggr_sleep()

Severity Score

5.9
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a large amount of network traffic that triggers certain list deletions.

Condición de carrera en la función ath_tx_aggr_sleep en drivers/net/wireless/ath/ath9k/xmit.c en el kernel de Linux anterior a 3.13.7 permite a atacantes remotos causar una denegación de servicio (caída de sistema) a través de una cantidad grande de tráfico de red que provoca ciertas eliminaciones de lista.

It was found that a remote attacker could use a race condition flaw in the ath_tx_aggr_sleep() function to crash the system by creating large network traffic on the system's Atheros 9k wireless network adapter.

The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that Linux kernel's ptrace subsystem did not properly sanitize the address-space-control bits when the program-status word was being set. On IBM S/390 systems, a local, unprivileged user could use this flaw to set address-space-control bits to the kernel space, and thus gain read and write access to kernel memory. It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the output of this process.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-03-30 CVE Reserved
  • 2014-04-01 CVE Published
  • 2024-08-06 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 3.2 < 3.2.56
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 3.2.56"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 3.3 < 3.4.92
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.4.92"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 3.5 < 3.10.42
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.5 < 3.10.42"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 3.11 < 3.12.15
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.11 < 3.12.15"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 3.13 < 3.13.7
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 3.13.7"
-
Affected