4.7
CVE-2014-2673
- EPSS 0.4%
- Veröffentlicht 01.04.2014 06:35:53
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The arch_dup_task_struct function in the Transactional Memory (TM) implementation in arch/powerpc/kernel/process.c in the Linux kernel before 3.13.7 on the powerpc platform does not properly interact with the clone and fork system calls, which allows local users to cause a denial of service (Program Check and system crash) via certain instructions that are executed with the processor in the Transactional state.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 3.13.7
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.4% | 0.317 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.7 | 3.4 | 6.9 |
AV:L/AC:M/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.7
http://www.openwall.com/lists/oss-security/2014/03/30/5
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.15
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=621b5060e823301d0cba4cb52a7ee3491922d291
http://secunia.com/advisories/57436
http://www.securityfocus.com/bid/66477
https://exchange.xforce.ibmcloud.com/vulnerabilities/92113
https://github.com/torvalds/linux/commit/621b5060e823301d0cba4cb52a7ee3491922d291