CVE-2014-1737

CVSS v2.0 7.2 (High)
EPSS 0.04 % (11th)
Affected Products 8
Advisories 58

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

Weaknesses: CWE-754 (Improper Check for Unusual or Exceptional Conditions)
CVE Status: PUBLISHED
CNA: Chrome
Published Date: 2014-05-11 21:55:05 (10 years ago)
Updated Date: 2023-11-07 02:19:17 (10 months ago)

Affected Products


Configuration #1

  Product | CPE23 | From | Up To
  Linux Kernel prior to version 3.2.59 | cpe:2.3:o:linux:linux_kernel | - | < 3.2.59
  Linux Kernel from version 3.3 and prior to version 3.4.90 | cpe:2.3:o:linux:linux_kernel | >= 3.3 | < 3.4.90
  Linux Kernel from version 3.5 and prior to version 3.10.40 | cpe:2.3:o:linux:linux_kernel | >= 3.5 | < 3.10.40
  Linux Kernel from version 3.11 and prior to version 3.12.20 | cpe:2.3:o:linux:linux_kernel | >= 3.11 | < 3.12.20
  Linux Kernel from version 3.13 and prior to version 3.14.4 | cpe:2.3:o:linux:linux_kernel | >= 3.13 | < 3.14.4

Configuration #2

  Product | CPE23 | From | Up To
  Oracle Linux 5 | cpe:2.3:o:oracle:linux:5:- | - | -
  Oracle Linux 6 | cpe:2.3:o:oracle:linux:6:- | - | -

Configuration #3

  Product | CPE23 | From | Up To
  Debian Linux 6.0 | cpe:2.3:o:debian:debian_linux:6.0 | - | -
  Debian Linux 7.0 | cpe:2.3:o:debian:debian_linux:7.0 | - | -

Configuration #4

  Product | CPE23 | From | Up To
  SUSE Linux Enterprise Desktop 11 SP3 | cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3 | - | -
  SUSE Linux Enterprise High Availability Extension 11 SP3 | cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3 | - | -
  SUSE Linux Enterprise Real Time Extension 11 SP3 | cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3 | - | -
  SUSE Linux Enterprise Server 11 SP3 For | cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:- | - | -
  SUSE Linux Enterprise Server 11 SP3 for VMware | cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware | - | -

Configuration #5

  Product | CPE23 | From | Up To
  Red Hat Enterprise Linux EUS 5.6 | cpe:2.3:o:redhat:enterprise_linux_eus:5.6 | - | -
  Red Hat Enterprise Linux EUS 6.3 | cpe:2.3:o:redhat:enterprise_linux_eus:6.3 | - | -