CVE-2014-3153

Home/CVE/Linux Kernel Privilege Escalation Vulnerability

CVE

Linux Kernel Privilege Escalation Vulnerability

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

HIGH · CVSS 7.8 ⚠ CISA KEV EPSS 0.68892

Act now

Listed on CISA KEV (known exploited in the wild)
SSVC exploitation status: active
EPSS ≥ 0.50 - high probability of exploitation in the next 30 days
EPSS percentile: top 1% of all CVEs by exploitation likelihood
Public exploit or PoC is available
CVSS base score ≥ 7.0

Sigma rules8 YARA rules0

⬢

Required Remediation

Apply updates per vendor instructions.

▤

Affected Products & Versions

linux kernel< 3.2.60
linux kernel>= 3.3 and < 3.4.92
linux kernel>= 3.5 and < 3.10.42
linux kernel>= 3.11 and < 3.12.22
linux kernel>= 3.13 and < 3.14.6
redhat enterprise linux server ausall versions
opensuseall versions
suse linux enterprise desktopall versions
Show all 13 affected productssuse linux enterprise high availability extensionall versions
suse linux enterprise real time extensionall versions
suse linux enterprise serverall versions
canonical ubuntu linuxall versions
oracle linuxall versions

⚠

Public Exploits & PoCs

localLinux Kernel 3.14.5 (CentOS 7 / RHEL) - 'libfutex' Local Privilege Escalation2014-11-25
pocwww.debian.org · dsa-2949www.debian.org
pocwww.exploit-db.com · 35370www.exploit-db.com
pocelongl.github.io · cve-2014-3153.htmlelongl.github.io

◈

Sigma Hunt Rules

Exact rules name this CVE ID. Product rules name an affected product in their title. Related rules cover techniques used by actors who exploited this CVE. Showing the most relevant matches; the complete related set is on the full drill-down.

productcriticalLinux Reverse Shell Indicator

producthighCommunication To LocaltoNet Tunneling Service Initiated - Linux

producthighPotentially Suspicious Malware Callback Communication - Linux

producthighLinux Crypto Mining Pool Connections

producthighCommunication To Ngrok Tunneling Service - Linux

producthighLinux Crypto Mining Indicators

Show all 8 top matches

producthighShell Execution GCC - Linux

producthighShell Execution via Rsync - Linux

▣

Scoring & Timeline

7.8

HIGH · CVSS v3.1 · chrome-cve-admin@google.com

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD07 Jun 2014 · 02:55 PM

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SSVC triage · cisa-vulnrichment

Exploitation

active

Automatable

Technical impact

total

SSVC asks the questions that actually drive patch urgency: is it being exploited, can attacks be automated, and how total is the impact.

⚑

Vendor Advisories

cisaKEV-CVE-2014-3153
suse-csafSUSE-SU-2015:0736-1
suse-csafSUSE-SU-2015:1376-1
suse-csafsuse-ru-2015_0621-1
suse-csafSUSE-SU-2015:0581-1
Show all 24 vendor advisoriessuse-csafSUSE-SU-2015:1174-1
rhsaRHSA-2014:0913Important
usnUSN-2260-1
rhsaRHSA-2014:0786Moderate
rhsaRHSA-2014:0771Moderate
usnUSN-2241-1
usnUSN-2240-1
usnUSN-2239-1
usnUSN-2238-1
usnUSN-2237-1
usnUSN-2236-1
usnUSN-2235-1
usnUSN-2234-1
usnUSN-2233-1
rhsaRHSA-2014:0800Important
rhsaRHSA-2014:0900Important
rhsaRHSA-2014:0815Important
suse-csafSUSE-SU-2015:0481-1
suse-csafSUSE-SU-2015:0652-1