7.2
CVE-2014-1737
- EPSS 0.07%
- Published 11.05.2014 21:55:05
- Last modified 12.04.2025 10:46:40
- Source chrome-cve-admin@google.com
- Teams watchlist Login
- Open Login
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 3.2.59
Linux ≫ Linux Kernel Version >= 3.3 < 3.4.90
Linux ≫ Linux Kernel Version >= 3.5 < 3.10.40
Linux ≫ Linux Kernel Version >= 3.11 < 3.12.20
Linux ≫ Linux Kernel Version >= 3.13 < 3.14.4
Debian ≫ Debian Linux Version6.0
Debian ≫ Debian Linux Version7.0
Suse ≫ Linux Enterprise Desktop Version11 Updatesp3
Suse ≫ Linux Enterprise High Availability Extension Version11 Updatesp3
Suse ≫ Linux Enterprise Real Time Extension Version11 Updatesp3
Suse ≫ Linux Enterprise Server Version11 Updatesp3 SwPlatform-
Suse ≫ Linux Enterprise Server Version11 Updatesp3 SwPlatformvmware
Redhat ≫ Enterprise Linux Eus Version5.6
Redhat ≫ Enterprise Linux Eus Version6.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.217 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-754 Improper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.