|Date: (C)2014-06-16 (M)2017-11-18|| |
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
|CVSS Score: 7.2||Access Vector: LOCAL|
|Exploit Score: 3.9||Access Complexity: LOW|
|Impact Score: 10.0||Authentication: NONE|
| ||Confidentiality: COMPLETE|
| ||Integrity: COMPLETE|
| ||Availability: COMPLETE|