CVE-2014-1737

{"id": "CVE-2014-1737", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-05-11T21:55:05.810", "references": [{"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ef87dbe7614341c2e7bfe8d32fcb7028cc97442c", "source": "chrome-cve-admin@google.com"}, {"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html", "source": "chrome-cve-admin@google.com"}, {"url": "http://linux.oracle.com/errata/ELSA-2014-3043.html", "source": "chrome-cve-admin@google.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html", "source": "chrome-cve-admin@google.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html", "source": "chrome-cve-admin@google.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-0800.html", "source": "chrome-cve-admin@google.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-0801.html", "source": "chrome-cve-admin@google.com"}, {"url": "http://secunia.com/advisories/59262", "source": "chrome-cve-admin@google.com"}, {"url": "http://secunia.com/advisories/59309", "source": "chrome-cve-admin@google.com"}, {"url": "http://secunia.com/advisories/59406", "source": "chrome-cve-admin@google.com"}, {"url": "http://secunia.com/advisories/59599", "source": "chrome-cve-admin@google.com"}, {"url": "http://www.debian.org/security/2014/dsa-2926", "source": "chrome-cve-admin@google.com"}, {"url": "http://www.debian.org/security/2014/dsa-2928", "source": "chrome-cve-admin@google.com"}, {"url": "http://www.openwall.com/lists/oss-security/2014/05/09/2", "source": "chrome-cve-admin@google.com"}, {"url": "http://www.securityfocus.com/bid/67300", "source": "chrome-cve-admin@google.com"}, {"url": "http://www.securitytracker.com/id/1030474", "source": "chrome-cve-admin@google.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094299", "source": "chrome-cve-admin@google.com"}, {"url": "https://github.com/torvalds/linux/commit/ef87dbe7614341c2e7bfe8d32fcb7028cc97442c", "source": "chrome-cve-admin@google.com"}, {"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ef87dbe7614341c2e7bfe8d32fcb7028cc97442c", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://linux.oracle.com/errata/ELSA-2014-3043.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-0800.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-0801.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/59262", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/59309", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/59406", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/59599", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2014/dsa-2926", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2014/dsa-2928", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2014/05/09/2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/67300", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1030474", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094299", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/torvalds/linux/commit/ef87dbe7614341c2e7bfe8d32fcb7028cc97442c", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-754"}]}], "descriptions": [{"lang": "en", "value": "The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device."}, {"lang": "es", "value": "La funci\u00f3n raw_cmd_copyin en drivers/block/floppy.c en el kernel de Linux hasta 3.14.3 no maneja debidamente condiciones de error durante el procesado de una llamada FDRAWCMD ioctl, lo que permite a usuarios locales provocar operaciones kfree y ganar privilegios mediante el aprovechamiento de acceso de escritura hacia un dispositivo /dev/fd."}], "lastModified": "2024-11-21T02:04:55.980", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74BC856E-F9AD-434B-8F63-644F2AC5F067", "versionEndExcluding": "3.2.59"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD302139-CFCB-4323-9D29-011D8936F1C3", "versionEndExcluding": "3.4.90", "versionStartIncluding": "3.3"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "287DC65B-A513-4FB9-A1CF-69F428030DF8", "versionEndExcluding": "3.10.40", "versionStartIncluding": "3.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D82F8C94-5FA7-4A7A-8855-ECF21B3BBD42", "versionEndExcluding": "3.12.20", "versionStartIncluding": "3.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9996644C-371E-49B9-A494-733B1EA513EC", "versionEndExcluding": "3.14.4", "versionStartIncluding": "3.13"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B"}, {"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244"}, {"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3A907A3-2A3A-46D4-8D75-914649877B65"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DB41B45-D94D-4A58-88B0-B3EC3EC350E2"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*", "vulnerable": true, "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "vulnerable": true, "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "903512FC-0017-4564-9B89-7E64FFB14B11"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3"}], "operator": "OR"}]}], "sourceIdentifier": "chrome-cve-admin@google.com"}