The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
21 Nov 2024, 02:04
Type | Values Removed | Values Added |
---|---|---|
References | () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ef87dbe7614341c2e7bfe8d32fcb7028cc97442c - | |
References | () http://linux.oracle.com/errata/ELSA-2014-0771.html - | |
References | () http://linux.oracle.com/errata/ELSA-2014-3043.html - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html - | |
References | () http://rhn.redhat.com/errata/RHSA-2014-0800.html - | |
References | () http://rhn.redhat.com/errata/RHSA-2014-0801.html - | |
References | () http://secunia.com/advisories/59262 - | |
References | () http://secunia.com/advisories/59309 - | |
References | () http://secunia.com/advisories/59406 - | |
References | () http://secunia.com/advisories/59599 - | |
References | () http://www.debian.org/security/2014/dsa-2926 - | |
References | () http://www.debian.org/security/2014/dsa-2928 - | |
References | () http://www.openwall.com/lists/oss-security/2014/05/09/2 - | |
References | () http://www.securityfocus.com/bid/67300 - | |
References | () http://www.securitytracker.com/id/1030474 - | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1094299 - | |
References | () https://github.com/torvalds/linux/commit/ef87dbe7614341c2e7bfe8d32fcb7028cc97442c - |
07 Nov 2023, 02:19
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | () http://www.securityfocus.com/bid/67300 - | |
References | () http://www.openwall.com/lists/oss-security/2014/05/09/2 - | |
References | () http://secunia.com/advisories/59599 - | |
References | () http://www.debian.org/security/2014/dsa-2926 - | |
References | () https://github.com/torvalds/linux/commit/ef87dbe7614341c2e7bfe8d32fcb7028cc97442c - | |
References | () http://rhn.redhat.com/errata/RHSA-2014-0800.html - | |
References | () http://secunia.com/advisories/59309 - | |
References | () http://linux.oracle.com/errata/ELSA-2014-0771.html - | |
References | () http://www.securitytracker.com/id/1030474 - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html - | |
References | () http://linux.oracle.com/errata/ELSA-2014-3043.html - | |
References | () http://secunia.com/advisories/59406 - | |
References | () http://rhn.redhat.com/errata/RHSA-2014-0801.html - | |
References | () http://www.debian.org/security/2014/dsa-2928 - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html - | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1094299 - | |
References | () http://secunia.com/advisories/59262 - |
Information
Published : 2014-05-11 21:55
Updated : 2024-11-21 02:04
NVD link : CVE-2014-1737
Mitre link : CVE-2014-1737
CVE.ORG link : CVE-2014-1737
JSON object : View
Products Affected
oracle
- linux
suse
- linux_enterprise_server
- linux_enterprise_desktop
- linux_enterprise_real_time_extension
- linux_enterprise_high_availability_extension
linux
- linux_kernel
redhat
- enterprise_linux_eus
debian
- debian_linux
CWE
CWE-754
Improper Check for Unusual or Exceptional Conditions