CVE-2014-1737

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

Published: May 11, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-1737
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-754

Affected Software
References

Software	From	Fixed in
oracle / linux	5	5.x
oracle / linux	6	6.x
debian / debian_linux	7.0	7.0.x
debian / debian_linux	6.0	6.0.x
suse / linux_enterprise_desktop	11-sp3	11-sp3.x
suse / linux_enterprise_server	11-sp3	11-sp3.x
suse / linux_enterprise_real_time_extension	11-sp3	11-sp3.x
suse / linux_enterprise_high_availability_extension	11-sp3	11-sp3.x
redhat / enterprise_linux_eus	6.3	6.3.x
redhat / enterprise_linux_eus	5.6	5.6.x
linux / linux_kernel	3.13	3.14.4
linux / linux_kernel	3.11	3.12.20
linux / linux_kernel	3.5	3.10.40
linux / linux_kernel	3.3	3.4.90
linux / linux_kernel	-	3.2.59

Vulnerability Database

289,599

CVE-2014-1737