6.9
CVE-2014-9529
- EPSS 0.34%
- Veröffentlicht 09.01.2015 21:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 3.2.67
Linux ≫ Linux Kernel Version >= 3.3 < 3.4.107
Linux ≫ Linux Kernel Version >= 3.5 < 3.10.67
Linux ≫ Linux Kernel Version >= 3.11 <= 3.12.37
Linux ≫ Linux Kernel Version >= 3.13 <= 3.14.31
Linux ≫ Linux Kernel Version >= 3.15 < 3.16.35
Linux ≫ Linux Kernel Version >= 3.17 < 3.18.5
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Desktop Version7.0
Redhat ≫ Enterprise Linux Server Version6.0
Redhat ≫ Enterprise Linux Server Version7.0
Redhat ≫ Enterprise Linux Server Aus Version6.6
Redhat ≫ Enterprise Linux Server Aus Version7.3
Redhat ≫ Enterprise Linux Server Aus Version7.4
Redhat ≫ Enterprise Linux Server Aus Version7.6
Redhat ≫ Enterprise Linux Server Aus Version7.7
Redhat ≫ Enterprise Linux Server Eus Version6.6
Redhat ≫ Enterprise Linux Server Eus Version7.1
Redhat ≫ Enterprise Linux Server Eus Version7.2
Redhat ≫ Enterprise Linux Server Eus Version7.3
Redhat ≫ Enterprise Linux Server Eus Version7.4
Redhat ≫ Enterprise Linux Server Eus Version7.5
Redhat ≫ Enterprise Linux Server Eus Version7.6
Redhat ≫ Enterprise Linux Server Eus Version7.7
Redhat ≫ Enterprise Linux Server Tus Version6.6
Redhat ≫ Enterprise Linux Server Tus Version7.3
Redhat ≫ Enterprise Linux Server Tus Version7.6
Redhat ≫ Enterprise Linux Server Tus Version7.7
Redhat ≫ Enterprise Linux Workstation Version6.0
Redhat ≫ Enterprise Linux Workstation Version7.0
Fedoraproject ≫ Fedora Version20
Fedoraproject ≫ Fedora Version21
Debian ≫ Debian Linux Version7.0
Debian ≫ Debian Linux Version8.0
Canonical ≫ Ubuntu Linux Version10.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.10
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.34% | 0.256 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.9 | 3.4 | 10 |
AV:L/AC:M/Au:N/C:C/I:C/A:C
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
http://www.debian.org/security/2015/dsa-3128
http://rhn.redhat.com/errata/RHSA-2015-0864.html
http://www.securitytracker.com/id/1036763
http://www.ubuntu.com/usn/USN-2513-1
http://www.ubuntu.com/usn/USN-2514-1
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
http://www.ubuntu.com/usn/USN-2515-1
http://www.ubuntu.com/usn/USN-2516-1
http://www.ubuntu.com/usn/USN-2517-1
http://www.ubuntu.com/usn/USN-2518-1
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html
http://rhn.redhat.com/errata/RHSA-2015-1137.html
http://rhn.redhat.com/errata/RHSA-2015-1138.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a3a8784454692dd72e5d5d34dcdab17b4420e74c
http://www.openwall.com/lists/oss-security/2015/01/06/10
http://www.securityfocus.com/bid/71880
http://www.ubuntu.com/usn/USN-2511-1
http://www.ubuntu.com/usn/USN-2512-1
https://bugzilla.redhat.com/show_bug.cgi?id=1179813
https://exchange.xforce.ibmcloud.com/vulnerabilities/99641
https://github.com/torvalds/linux/commit/a3a8784454692dd72e5d5d34dcdab17b4420e74c