cpe:/a:redhat:enterprise_mrg:2.0 cpe:/o:linux:linux_kernel:3.14:- cpe:/o:linux:linux_kernel:3.14:rc1 cpe:/o:linux:linux_kernel:3.14:rc2 cpe:/o:linux:linux_kernel:3.14:rc3 cpe:/o:linux:linux_kernel:3.14:rc4 cpe:/o:linux:linux_kernel:3.14:rc5 cpe:/o:linux:linux_kernel:3.14:rc6 cpe:/o:linux:linux_kernel:3.14:rc7 cpe:/o:linux:linux_kernel:3.14:rc8 cpe:/o:linux:linux_kernel:3.14.1 cpe:/o:linux:linux_kernel:3.14.2 cpe:/o:linux:linux_kernel:3.14.3 cpe:/o:linux:linux_kernel:3.14.4 cpe:/o:linux:linux_kernel:3.14.5 cpe:/o:redhat:enterprise_linux:6 CVE-2014-3153 2014-06-07T10:55:27.240-04:00 2017-12-28T21:29:21.033-05:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2014-06-09T11:31:01.483-04:00 SECTRACK 1030451 EXPLOIT-DB 35370 SECUNIA 58500 SECUNIA 58990 SECUNIA 59029 SECUNIA 59092 SECUNIA 59153 SECUNIA 59262 SECUNIA 59309 SECUNIA 59386 SECUNIA 59599 BID 67906 DEBIAN DSA-2949 REDHAT RHSA-2014:0800 SUSE SUSE-SU-2014:0775 SUSE SUSE-SU-2014:0796 SUSE SUSE-SU-2014:0837 SUSE SUSE-SU-2014:1316 SUSE SUSE-SU-2014:1319 UBUNTU USN-2237-1 UBUNTU USN-2240-1 MLIST [oss-security] 20140605 Linux kernel futex local privilege escalation (CVE-2014-3153) MLIST [oss-security] 20140605 Re: Linux kernel futex local privilege escalation (CVE-2014-3153) MLIST [oss-security] 20140606 Re: Linux kernel futex local privilege escalation (CVE-2014-3153) CONFIRM http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e9c243a5a6de0be8e584c604d353412584b592f8 CONFIRM http://linux.oracle.com/errata/ELSA-2014-0771.html CONFIRM http://linux.oracle.com/errata/ELSA-2014-3037.html CONFIRM http://linux.oracle.com/errata/ELSA-2014-3038.html CONFIRM http://linux.oracle.com/errata/ELSA-2014-3039.html CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1103626 CONFIRM https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=13fbca4c6ecd96ec1a1cfa2e4f2ce191fe928a5e CONFIRM https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54a217887a7b658e2650c3feff22756ab80c7339 CONFIRM https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b3eaa9fc5cd0a4d74b18f6b8dc617aeaf1873270 CONFIRM https://github.com/torvalds/linux/commit/e9c243a5a6de0be8e584c604d353412584b592f8 SUSE openSUSE-SU-2014:0878 The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.