CVE-2014-3153
Linux Kernel Privilege Escalation Vulnerability
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
9
*Multiple Sources
Exploited in Wild
Yes
*KEV
Decision
-
*SSVC
Descriptions
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
La función futex_requeue en kernel/futex.c en el kernel de Linux hasta 3.14.5 no asegura que las llamadas tengan dos direcciones futex diferentes, lo que permite a usuarios locales ganar privilegios a través de un comando FUTEX_REQUEUE manipulado que facilita la modificación insegura del objeto o función a la espera.
A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system.
The futex_requeue function in kernel/futex.c in Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-05-03 CVE Reserved
- 2014-06-05 CVE Published
- 2014-11-25 First Exploit
- 2022-05-25 Exploited in Wild
- 2022-06-15 KEV Due Date
- 2024-07-03 EPSS Updated
- 2024-08-06 CVE Updated
CWE
CAPEC
References (45)
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/35370 | 2014-11-25 | |
| https://github.com/timwr/CVE-2014-3153 | 2017-04-25 | |
| https://github.com/lieanu/CVE-2014-3153 | 2015-01-24 | |
| https://github.com/elongl/CVE-2014-3153 | 2024-08-06 | |
| https://github.com/zerodavinci/CVE-2014-3153-exploit | 2016-03-08 | |
| https://github.com/c3c/CVE-2014-3153 | 2015-09-04 | |
| http://www.debian.org/security/2014/dsa-2949 | 2024-08-06 | |
| http://www.exploit-db.com/exploits/35370 | 2024-08-06 | |
| https://elongl.github.io/exploitation/2021/01/08/cve-2014-3153.html | 2024-08-06 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 3.2.60 Search vendor "Linux" for product "Linux Kernel" and version " < 3.2.60" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.3 < 3.4.92 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.4.92" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.5 < 3.10.42 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.5 < 3.10.42" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.11 < 3.12.22 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.11 < 3.12.22" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.13 < 3.14.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 3.14.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus" | 6.2 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "6.2" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 11.4 Search vendor "Opensuse" for product "Opensuse" and version "11.4" | - |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Desktop Search vendor "Suse" for product "Linux Enterprise Desktop" | 11 Search vendor "Suse" for product "Linux Enterprise Desktop" and version "11" | sp3 |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise High Availability Extension Search vendor "Suse" for product "Linux Enterprise High Availability Extension" | 11 Search vendor "Suse" for product "Linux Enterprise High Availability Extension" and version "11" | sp3 |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Real Time Extension Search vendor "Suse" for product "Linux Enterprise Real Time Extension" | 11 Search vendor "Suse" for product "Linux Enterprise Real Time Extension" and version "11" | sp3 |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 11 Search vendor "Suse" for product "Linux Enterprise Server" and version "11" | - |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 11 Search vendor "Suse" for product "Linux Enterprise Server" and version "11" | sp2, ltss |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 11 Search vendor "Suse" for product "Linux Enterprise Server" and version "11" | sp3 |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 11 Search vendor "Suse" for product "Linux Enterprise Server" and version "11" | sp3, vmware |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | esm |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Linux Search vendor "Oracle" for product "Linux" | 5 Search vendor "Oracle" for product "Linux" and version "5" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Linux Search vendor "Oracle" for product "Linux" | 6 Search vendor "Oracle" for product "Linux" and version "6" | - |
Affected
| ||||||