#VU92514 Improper privilege management in Linux kernel
Vulnerability identifier: #VU92514
Vulnerability risk: Low
CVSSv3.1: 7.5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-269
Exploitation vector: Local
Exploit availability: Yes
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper privilege management error within the futex_requeue() and futex_wait_requeue_pi() functions in kernel/futex.c. A local user can execute arbitrary code.
Mitigation
Install update from vendor's repository.
Vulnerable software versions
Linux kernel:
External links
http://openwall.com/lists/oss-security/2014/06/05/24
http://www.openwall.com/lists/oss-security/2014/06/05/22
http://openwall.com/lists/oss-security/2014/06/06/20
http://bugzilla.redhat.com/show_bug.cgi?id=1103626
http://github.com/torvalds/linux/commit/e9c243a5a6de0be8e584c604d353412584b592f8
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e9c243a5a6de0be8e584c604d353412584b592f8
http://secunia.com/advisories/59153
http://secunia.com/advisories/59092
http://secunia.com/advisories/59029
http://linux.oracle.com/errata/ELSA-2014-3038.html
http://secunia.com/advisories/58500
http://linux.oracle.com/errata/ELSA-2014-3039.html
http://www.securityfocus.com/bid/67906
http://linux.oracle.com/errata/ELSA-2014-3037.html
http://secunia.com/advisories/58990
http://secunia.com/advisories/59309
http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00006.html
http://secunia.com/advisories/59599
http://linux.oracle.com/errata/ELSA-2014-0771.html
http://secunia.com/advisories/59262
http://secunia.com/advisories/59386
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
http://www.exploit-db.com/exploits/35370
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b3eaa9fc5cd0a4d74b18f6b8dc617aeaf1873270
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54a217887a7b658e2650c3feff22756ab80c7339
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=13fbca4c6ecd96ec1a1cfa2e4f2ce191fe928a5e
http://www.securitytracker.com/id/1030451
http://rhn.redhat.com/errata/RHSA-2014-0800.html
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00025.html
http://www.ubuntu.com/usn/USN-2240-1
http://www.ubuntu.com/usn/USN-2237-1
http://www.debian.org/security/2014/dsa-2949
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00014.html
http://www.openwall.com/lists/oss-security/2021/02/01/4
http://github.com/elongl/CVE-2014-3153
http://elongl.github.io/exploitation/2021/01/08/cve-2014-3153.html
http://www.openwall.com/lists/oss-security/2021/02/01/4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
