Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

SAINT CorporationSAINT:8BE23F1EC35A570A9A83983E4E020927

HistoryDec 03, 2014 - 12:00 a.m.

Vulners
/
Saint
/
Linux kernel futex_requeue privilege elevation

Linux kernel futex_requeue privilege elevation

2014-12-0300:00:00

SAINT Corporation

download.saintcorporation.com

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.006

Percentile

79.1%

JSON

Added: 12/03/2014
CVE: CVE-2014-3153
BID: 67906
OSVDB: 107752

Background

The futex system call in Linux provides a mechanism for user-space locking.

Problem

A vulnerability in the Linux kernel allows an unprivileged user to gain root access using a specially crafted **futex_requeue** call.

Resolution

Upgrade to a fixed kernel package from your Linux vendor.

References

<https://lists.debian.org/debian-security-announce/2014/msg00130.html>

Limitations

Exploit works on CentOS 7 and Red Hat 7 and requires an existing unprivileged shell connection to the target.

Platforms

Linux

amazon 2

threatpost 6

prion 1

altlinux 3

openvas 58

cvelist 1

debiancve 1

saint 3

attackerkb 1

android 1

zdt 2

cve 1

nessus 37

hackerone 1

oraclelinux 6

securityvulns 2

suse 10

thn 5

cisa_kev 1

nvd 1

metasploit 1

exploitdb 1

exploitpack 1

cloudfoundry 1

packetstorm 1

canvas 1

ubuntucve 1

ubuntu 10

chrome 1

osv 3

redhat 6

debian 3

mageia 8

securelist 1

centos 1

veracode 7

kitploit 1

fedora 8

amazon

Medium: kernel

2014-06-15 16:30:00

Medium: kernel

2014-08-21 11:03:00

threatpost

CopyCat Malware Infected 14M Android Devices, Rooted 8M, in 2016

2017-07-06 13:49:02

Android Ransomware Attacks Using Towelroot, Hacking Team Exploits

2016-04-25 15:36:33

Google Play Hit With Rash of Auto-Rooting Malware

2016-06-28 12:29:57

prion

Command injection

2014-06-07 14:55:00

altlinux

Security fix for the ALT Linux 7 package kernel-image-un-def version 1:3.14.5-alt2

2014-06-06 00:00:00

Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt23

2014-06-09 00:00:00

Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt25

2014-06-21 00:00:00

openvas

Oracle: Security Advisory (ELSA-2014-3037)

2015-10-06 00:00:00

Oracle: Security Advisory (ELSA-2014-3038)

2015-10-06 00:00:00

Ubuntu: Security Advisory (USN-2237-1)

2014-06-09 00:00:00

cvelist

CVE-2014-3153

2014-06-07 14:00:00

debiancve

CVE-2014-3153

2014-06-07 14:55:27

saint

Linux kernel futex_requeue privilege elevation

2014-12-03 00:00:00

Linux kernel futex_requeue privilege elevation

2014-12-03 00:00:00

Linux kernel futex_requeue privilege elevation

2014-12-03 00:00:00

attackerkb

CVE-2014-3153

2014-06-07 00:00:00

android

TowelRoot

2014-06-05 00:00:00

zdt

Linux Kernel libfutex Local Root for RHEL/CentOS 7.0.1406 Exploit

2014-11-26 00:00:00

Android Futex Requeue Kernel Exploit

2015-02-10 00:00:00

cve

CVE-2014-3153

2014-06-07 14:55:27

nessus

SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9328 / 9329 / 9330)

2014-06-11 00:00:00

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3039)

2014-06-09 00:00:00

Ubuntu 12.04 LTS : linux-lts-quantal vulnerability (USN-2237-1)

2014-06-06 00:00:00

hackerone

Sandbox Escape: Linux PI futex self-requeue bug

2014-05-26 05:00:49

oraclelinux

Unbreakable Enterprise kernel security update

2014-06-06 00:00:00

unbreakable enterprise kernel security update

2014-06-07 00:00:00

Unbreakable Enterprise kernel security update

2014-06-07 00:00:00

securityvulns

Linux privilege escalation

2014-06-09 00:00:00

[oss-security] Linux kernel futex local privilege escalation (CVE-2014-3153)

2014-06-09 00:00:00

suse

Security update for Linux Kernel (important)

2014-06-25 00:04:51

kernel update fixes local privilege escalation and a regression causing a crash if IPsec peer is unavailable (important)

2014-07-08 20:04:15

Security update for Linux Kernel (critical)

2014-06-11 05:04:34

thn

Towelroot : One-Click Android Rooting Tool Released By Geohot

2014-06-17 22:49:00

Over 1 Million Google Accounts Hacked by 'Gooligan' Android Malware

2016-11-30 05:44:00

CopyCat Android Rooting Malware Infected 14 Million Devices

2017-07-06 05:17:00

cisa_kev

Linux Kernel Privilege Escalation Vulnerability

2022-05-25 00:00:00

nvd

CVE-2014-3153

2014-06-07 14:55:27

metasploit

Android 'Towelroot' Futex Requeue Kernel Exploit

2014-12-01 03:49:22

exploitdb

Linux Kernel 3.14.5 (CentOS 7 / RHEL) - 'libfutex' Local Privilege Escalation

2014-11-25 00:00:00

exploitpack

Linux Kernel 3.14.5 (CentOS 7 RHEL) - libfutex Local Privilege Escalation

2014-11-25 00:00:00

cloudfoundry

CVE-2014-3153 Futex requeue exploit | Cloud Foundry

2014-08-18 00:00:00

packetstorm

Android Futex Requeue Kernel Exploit

2015-02-09 00:00:00

canvas

Immunity Canvas: LINUX_FUTEX_REQUEUE

2014-06-07 14:55:00

ubuntucve

CVE-2014-3153

2014-06-05 00:00:00

ubuntu

Linux kernel (Quantal HWE) vulnerability

2014-06-05 00:00:00

Linux kernel (Raring HWE) vulnerabilities

2014-06-05 00:00:00

Linux kernel (OMAP4) vulnerabilities

2014-06-05 00:00:00

chrome

Stable Channel Update for Chrome OS

2014-06-10 00:00:00

osv

linux-2.6 - security update

2014-06-18 00:00:00

linux - security update

2014-06-05 00:00:00

openssl - security update

2014-06-05 00:00:00

redhat

(RHSA-2014:0900) Important: kernel security and bug fix update

2014-07-17 00:00:00

(RHSA-2014:0800) Important: kernel security update

2014-06-26 00:00:00

(RHSA-2014:0771) Important: kernel security and bug fix update

2014-06-19 00:00:00

debian

[SECURITY] [DSA 2949-1] linux security update

2014-06-05 12:15:58

[SECURITY] [DSA 2949-1] linux security update

2014-06-05 12:15:58

[SECURITY] [DSA 2950-1] openssl security update

2014-06-05 11:51:34

mageia

Updated kernel packages fixes security vulnerabilities.

2014-06-19 00:50:01

Updated kernel packages fixes security vulnerabilities

2014-06-23 01:13:23

Updated kernel-tmb package fixes security vulnerabilities

2014-08-18 13:14:56

securelist

Skygofree: Following in the footsteps of HackingTeam

2018-01-16 10:00:58

centos

kernel, perf, python security update

2014-06-20 10:10:41

veracode

Denial Of Service (DoS)

2019-05-02 05:03:36

Denial Of Service (DoS)

2019-05-02 05:03:36

Denial Of Service (DoS)

2019-05-02 05:03:37

kitploit

Kernelpop - Kernel Privilege Escalation Enumeration And Exploitation Framework

2017-11-04 13:30:00

fedora

[SECURITY] Fedora 20 Update: kernel-3.14.6-200.fc20

2014-06-11 16:31:10

[SECURITY] Fedora 20 Update: kernel-3.14.8-200.fc20

2014-06-18 22:25:48

[SECURITY] Fedora 20 Update: kernel-3.15.4-200.fc20

2014-07-11 02:02:48

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.006

Percentile

79.1%

JSON

Related for SAINT:8BE23F1EC35A570A9A83983E4E020927