CVE-2014-1419

2014-07-2414:55:06

CWE-362

canonical

web.nvd.nist.gov

cve-2014-1419

race condition

power policy

acpi support

privilege escalation

vulnerability

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

Percentile

5.1%

JSON

Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.

Affected configurations

Nvd

Node

canonicalacpi-supportRange≤0.141

canonicalubuntu_linuxMatch12.04-lts

VendorProductVersionCPE
canonicalacpi-support*cpe:2.3:a:canonical:acpi-support:*:*:*:*:*:*:*:*
canonicalubuntu_linux12.04cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*

Vendor	Product	Version	CPE
canonical	acpi-support	*	cpe:2.3:a:canonical:acpi-support::::::::
canonical	ubuntu_linux	12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:::::*