Pinkie Pie discovered an issue in the futex subsystem that
allows a local user to gain ring 0 control via the futex syscall. An
unprivileged user could use this flaw to crash the kernel (resulting in
denial of service) or for privilege escalation.

CVE-2014-1438:

The restore_fpu_checking function in
arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the
AMD K7 and K8 platforms does not clear pending exceptions before proceeding
to an EMMS instruction, which allows local users to cause a denial of
service (task kill) or possibly gain privileges via a crafted application.

For Debian 6 Squeeze, these issues have been fixed in linux-2.6 version 2.6.32-48squeeze7

CPENameOperatorVersion
linux-2.6eq2.6.32-30
linux-2.6eq2.6.32-30+m68k.5
linux-2.6eq2.6.32-31
linux-2.6eq2.6.32-31~bpo50+1
linux-2.6eq2.6.32-32
linux-2.6eq2.6.32-33
linux-2.6eq2.6.32-34
linux-2.6eq2.6.32-34squeeze1
linux-2.6eq2.6.32-35
linux-2.6eq2.6.32-35squeeze1

Name	Operator	Version
linux-2.6	eq	2.6.32-30
linux-2.6	eq	2.6.32-30+m68k.5
linux-2.6	eq	2.6.32-31
linux-2.6	eq	2.6.32-31~bpo50+1
linux-2.6	eq	2.6.32-32
linux-2.6	eq	2.6.32-33
linux-2.6	eq	2.6.32-34
linux-2.6	eq	2.6.32-34squeeze1
linux-2.6	eq	2.6.32-35
linux-2.6	eq	2.6.32-35squeeze1

Rows per page:

1-10 of 331

References

www.debian.org/lts/security/2014/dla-0007

openvas 56

ubuntucve 2

cvelist 2

cve 2

prion 2

nvd 2

amazon 2

threatpost 6

debiancve 2

altlinux 3

zdt 2

saint 4

android 1

attackerkb 1

hackerone 1

suse 7

thn 5

cisa_kev 1

securityvulns 3

oraclelinux 5

nessus 34

exploitpack 1

metasploit 1

canvas 1

packetstorm 1

cloudfoundry 1

ubuntu 12

exploitdb 1

chrome 1

redhat 5

mageia 12

osv 2

debian 3

securelist 1

fedora 3

centos 1

veracode 10

openvas

Debian: Security Advisory (DLA-0007-1)

2023-03-08 00:00:00

Oracle: Security Advisory (ELSA-2014-3037)

2015-10-06 00:00:00

Oracle: Security Advisory (ELSA-2014-3038)

2015-10-06 00:00:00

ubuntucve

CVE-2014-1438

2014-01-18 00:00:00

CVE-2014-3153

2014-06-05 00:00:00

cvelist

CVE-2014-1438

2014-01-18 22:00:00

CVE-2014-3153

2014-06-07 14:00:00

cve

CVE-2014-1438

2014-01-18 22:55:03

CVE-2014-3153

2014-06-07 14:55:27

prion

Design/Logic Flaw

2014-01-18 22:55:00

Command injection

2014-06-07 14:55:00

nvd

CVE-2014-1438

2014-01-18 22:55:03

CVE-2014-3153

2014-06-07 14:55:27

amazon

Medium: kernel

2014-06-15 16:30:00

Medium: kernel

2014-08-21 11:03:00

threatpost

CopyCat Malware Infected 14M Android Devices, Rooted 8M, in 2016

2017-07-06 13:49:02

Android Ransomware Attacks Using Towelroot, Hacking Team Exploits

2016-04-25 15:36:33

Google Play Hit With Rash of Auto-Rooting Malware

2016-06-28 12:29:57

debiancve

CVE-2014-3153

2014-06-07 14:55:27

CVE-2014-1438

2014-01-18 22:55:03

altlinux

Security fix for the ALT Linux 7 package kernel-image-un-def version 1:3.14.5-alt2

2014-06-06 00:00:00

Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt23

2014-06-09 00:00:00

Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt25

2014-06-21 00:00:00

zdt

Linux Kernel libfutex Local Root for RHEL/CentOS 7.0.1406 Exploit

2014-11-26 00:00:00

Android Futex Requeue Kernel Exploit

2015-02-10 00:00:00

saint

Linux kernel futex_requeue privilege elevation

2014-12-03 00:00:00

Linux kernel futex_requeue privilege elevation

2014-12-03 00:00:00

Linux kernel futex_requeue privilege elevation

2014-12-03 00:00:00

android

TowelRoot

2014-06-05 00:00:00

attackerkb

CVE-2014-3153

2014-06-07 00:00:00

hackerone

Sandbox Escape: Linux PI futex self-requeue bug

2014-05-26 05:00:49

suse

kernel update fixes local privilege escalation and a regression causing a crash if IPsec peer is unavailable (important)

2014-07-08 20:04:15

Security update for Linux Kernel (important)

2014-06-25 00:04:51

Security update for Linux Kernel (critical)

2014-06-11 05:04:34

thn

Towelroot : One-Click Android Rooting Tool Released By Geohot

2014-06-17 22:49:00

Over 1 Million Google Accounts Hacked by 'Gooligan' Android Malware

2016-11-30 05:44:00

CopyCat Android Rooting Malware Infected 14 Million Devices

2017-07-06 05:17:00

cisa_kev

Linux Kernel Privilege Escalation Vulnerability

2022-05-25 00:00:00

securityvulns

Linux privilege escalation

2014-06-09 00:00:00

[oss-security] Linux kernel futex local privilege escalation (CVE-2014-3153)

2014-06-09 00:00:00

[ MDVSA-2014:038 ] kernel

2014-02-18 00:00:00

oraclelinux

Unbreakable Enterprise kernel security update

2014-06-06 00:00:00

Unbreakable Enterprise kernel security update

2014-06-07 00:00:00

unbreakable enterprise kernel security update

2014-06-07 00:00:00

nessus

SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9328 / 9329 / 9330)

2014-06-11 00:00:00

Ubuntu 12.04 LTS : linux-lts-quantal vulnerability (USN-2237-1)

2014-06-06 00:00:00

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3039)

2014-06-09 00:00:00

exploitpack

Linux Kernel 3.14.5 (CentOS 7 RHEL) - libfutex Local Privilege Escalation

2014-11-25 00:00:00

metasploit

Android 'Towelroot' Futex Requeue Kernel Exploit

2014-12-01 03:49:22

canvas

Immunity Canvas: LINUX_FUTEX_REQUEUE

2014-06-07 14:55:00

packetstorm

Android Futex Requeue Kernel Exploit

2015-02-09 00:00:00

cloudfoundry

CVE-2014-3153 Futex requeue exploit | Cloud Foundry

2014-08-18 00:00:00

ubuntu

Linux kernel (Quantal HWE) vulnerability

2014-06-05 00:00:00

Linux kernel (EC2) vulnerabilities

2014-06-05 00:00:00

Linux kernel vulnerabilities

2014-06-05 00:00:00

exploitdb

Linux Kernel 3.14.5 (CentOS 7 / RHEL) - 'libfutex' Local Privilege Escalation

2014-11-25 00:00:00

chrome

Stable Channel Update for Chrome OS

2014-06-10 00:00:00

redhat

(RHSA-2014:0800) Important: kernel security update

2014-06-26 00:00:00

(RHSA-2014:0900) Important: kernel security and bug fix update

2014-07-17 00:00:00

(RHSA-2014:0771) Important: kernel security and bug fix update

2014-06-19 00:00:00

mageia

Updated kernel packages fixes security vulnerabilities.

2014-06-19 00:50:01

Updated kernel package fixes one critical and a few other security issues

2014-02-08 23:01:59

Updated kernel-tmb packages fix multiple vulnerabilities

2014-02-11 00:09:03

osv

linux - security update

2014-06-05 00:00:00

openssl - security update

2014-06-05 00:00:00

debian

[SECURITY] [DSA 2949-1] linux security update

2014-06-05 12:15:58

[SECURITY] [DSA 2949-1] linux security update

2014-06-05 12:15:58

[SECURITY] [DSA 2950-1] openssl security update

2014-06-05 11:51:34

securelist

Skygofree: Following in the footsteps of HackingTeam

2018-01-16 10:00:58

fedora

[SECURITY] Fedora 20 Update: kernel-3.12.8-300.fc20

2014-01-20 03:07:48

[SECURITY] Fedora 20 Update: kernel-3.13.3-201.fc20

2014-02-17 21:05:53

[SECURITY] Fedora 20 Update: kernel-3.13.5-200.fc20

2014-02-28 18:35:59

centos

kernel, perf, python security update

2014-06-20 10:10:41

veracode

Sensitive Information Disclosure

2019-05-02 04:57:44

Sensitive Information Disclosure

2019-05-02 04:57:44

Denial Of Service (DoS)

2019-05-02 04:57:44

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.006 Low

EPSS

Percentile

79.1%

JSON

Related for OSV:DLA-0007-1