CVE-2014-0205

Impact:
Important
Public Date:
2014-09-09
CWE:
CWE-682->CWE-416
Bugzilla:
1094455: CVE-2014-0205 kernel: futex: refcount issue in case of requeue
A flaw was found in the way the Linux kernel's futex subsystem handled reference counting when requeuing futexes during futex_wait(). A local, unprivileged user could use this flaw to zero out the reference counter of an inode or an mm struct that backs up the memory area of the futex, which could lead to a use-after-free flaw, resulting in a system crash or, potentially, privilege escalation.

Find out more about CVE-2014-0205 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG-2.

Future Linux kernel updates for Red Hat Enterprise Linux 6 may address this issue.

CVSS v2 metrics

Base Score 6.9
Base Metrics AV:L/AC:M/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (kernel) RHSA-2014:1167 2014-09-09
Red Hat Enterprise Linux Advanced Update Support 6.2 (kernel) RHSA-2014:1763 2014-10-30
Red Hat Enterprise Linux Extended Update Support 6.4 (kernel) RHSA-2014:1365 2014-10-07

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Not affected
Red Hat Enterprise Linux 7 kernel Not affected
Red Hat Enterprise Linux 5 kernel Not affected

Acknowledgements

The security impact of this issue was discovered by Mateusz Guzik of Red Hat.

Last Modified