CVE-2014-3153: Linux Kernel Privilege Escalation Vulnerability
First published: Mon Jun 02 2014(Updated: )
A flaw was found in the way pi to pi futex requeueing was handled. A local unprivileged user can use this flaw to increase their privileges on the system.
Credit: chrome-cve-admin@google.com cve-coordination@google.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Kernel-devel | ||
| Linux Kernel | <3.2.60 | |
| Linux Kernel | >=3.3<3.4.92 | |
| Linux Kernel | >=3.5<3.10.42 | |
| Linux Kernel | >=3.11<3.12.22 | |
| Linux Kernel | >=3.13<3.14.6 | |
| Red Hat Enterprise Linux Server | =6.2 | |
| openSUSE | =11.4 | |
| SUSE Linux Enterprise Desktop | =11-sp3 | |
| SUSE Linux Enterprise High Availability | =11-sp3 | |
| SUSE Linux Enterprise Real Time Extension | =11-sp3 | |
| SUSE Linux Enterprise Server | =11 | |
| SUSE Linux Enterprise Server | =11-sp2 | |
| SUSE Linux Enterprise Server | =11-sp3 | |
| SUSE Linux Enterprise Server | =11-sp3 | |
| Ubuntu | =12.04 | |
| Ubuntu | =14.04 | |
| Oracle Linux | =5 | |
| Oracle Linux | =6 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2014/06/05/22
- http://openwall.com/lists/oss-security/2014/06/05/24
- http://openwall.com/lists/oss-security/2014/06/06/20
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e9c243a5a6de0be8e584c604d353412584b592f8
- https://bugzilla.redhat.com/show_bug.cgi?id=1103626
- https://github.com/torvalds/linux/commit/e9c243a5a6de0be8e584c604d353412584b592f8
- http://linux.oracle.com/errata/ELSA-2014-3037.html
- http://linux.oracle.com/errata/ELSA-2014-3038.html
- http://linux.oracle.com/errata/ELSA-2014-3039.html
- http://www.securityfocus.com/bid/67906
- http://secunia.com/advisories/58500
- http://secunia.com/advisories/58990
- http://secunia.com/advisories/59029
- http://secunia.com/advisories/59153
- http://secunia.com/advisories/59092
- http://linux.oracle.com/errata/ELSA-2014-0771.html
- http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00006.html
- http://secunia.com/advisories/59309
- http://secunia.com/advisories/59599
- http://secunia.com/advisories/59262
- http://secunia.com/advisories/59386
- http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
- http://www.exploit-db.com/exploits/35370
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=13fbca4c6ecd96ec1a1cfa2e4f2ce191fe928a5e
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54a217887a7b658e2650c3feff22756ab80c7339
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b3eaa9fc5cd0a4d74b18f6b8dc617aeaf1873270
- http://www.securitytracker.com/id/1030451
- http://rhn.redhat.com/errata/RHSA-2014-0800.html
- http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00025.html
- http://www.debian.org/security/2014/dsa-2949
- http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00018.html
- http://www.ubuntu.com/usn/USN-2237-1
- http://www.ubuntu.com/usn/USN-2240-1
- https://elongl.github.io/exploitation/2021/01/08/cve-2014-3153.html
- https://github.com/elongl/CVE-2014-3153
- https://www.openwall.com/lists/oss-security/2021/02/01/4
- http://www.openwall.com/lists/oss-security/2021/02/01/4
- https://launchpad.net/bugs/cve/CVE-2014-3153
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9c243a5a6de0be8e584c604d353412584b592f8
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1105609
- https://rhn.redhat.com/errata/RHSA-2014-0771.html
- https://rhn.redhat.com/errata/RHSA-2014-0786.html
- https://rhn.redhat.com/errata/RHSA-2014-0800.html
- https://rhn.redhat.com/errata/RHSA-2014-0900.html
- https://rhn.redhat.com/errata/RHSA-2014-0913.html
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e9c243a5a6de0be8e584c604d353412584b592f8
- https://nvd.nist.gov/vuln/detail/CVE-2014-3153
- http://thread.gmane.org/gmane.linux.kernel.stable/92357
- https://security-tracker.debian.org/tracker/CVE-2014-3153
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153
- https://ubuntu.com/security/CVE-2014-3153
Frequently Asked Questions
What is the severity of CVE-2014-3153?
CVE-2014-3153 is rated as a high-severity vulnerability due to its potential to allow local unprivileged users to escalate privileges.
How do I fix CVE-2014-3153?
To fix CVE-2014-3153, update the Linux kernel to a version that is not affected, such as any version after 3.14.6.
What systems are affected by CVE-2014-3153?
CVE-2014-3153 affects multiple versions of the Linux kernel, including versions up to 3.14.6 and certain distributions like Ubuntu 12.04 and Red Hat Enterprise Linux 6.2.
Can CVE-2014-3153 be exploited remotely?
No, CVE-2014-3153 can only be exploited locally by an unprivileged user on the affected system.
What is the impact of exploiting CVE-2014-3153?
Exploitation of CVE-2014-3153 allows an attacker to increase their privileges on the system, potentially leading to unauthorized access and control.
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2014-3153
- agent/weakness
- agent/title
- agent/severity
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/remedy
- agent/description
- agent/trending
- agent/source
- agent/author
- agent/last-modified-date
- agent/event
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/security-tracker-debian
- source/Debian
- collector/nvd-api
- source/NVD
- collector/nvd-cve
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- vendor/linux
- canonical/red hat kernel-devel
- package-manager/debian
- canonical/linux kernel
- version/linux kernel/3.3
- version/linux kernel/3.5
- version/linux kernel/3.11
- version/linux kernel/3.13
- vendor/redhat
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/6.2
- vendor/opensuse
- canonical/opensuse
- version/opensuse/11.4
- vendor/suse
- canonical/suse linux enterprise desktop
- version/suse linux enterprise desktop/11-sp3
- canonical/suse linux enterprise high availability
- version/suse linux enterprise high availability/11-sp3
- canonical/suse linux enterprise real time extension
- version/suse linux enterprise real time extension/11-sp3
- canonical/suse linux enterprise server
- version/suse linux enterprise server/11
- version/suse linux enterprise server/11-sp2
- version/suse linux enterprise server/11-sp3
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/12.04
- version/ubuntu/14.04
- vendor/oracle
- canonical/oracle linux
- version/oracle linux/5
- version/oracle linux/6