UBUNTU-CVE-2014-3153
Advisory lineage Upstream: 1 Downstream: 1
Upstream
Downstream
Published: 05 Jun 2014, 00:00
Last modified:22 Apr 2026, 09:38
Vulnerability Summary
Overall Risk (default)
medium
31/100 CVSS Score
7.8 HIGH
3.1 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
05 Jun 2014, 00:00
Published
Vulnerability first disclosed
22 Apr 2026, 09:38
Last Modified
Vulnerability information updated
Description
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
CVSS Metrics
- v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- ubuntu•linux
< 3.13.0-29.53
References (13)
- https://ubuntu.com/security/CVE-2014-3153
- https://ubuntu.com/security/notices/USN-2233-1
- https://ubuntu.com/security/notices/USN-2234-1
- https://ubuntu.com/security/notices/USN-2235-1
- https://ubuntu.com/security/notices/USN-2236-1
- https://ubuntu.com/security/notices/USN-2237-1
- https://ubuntu.com/security/notices/USN-2238-1
- https://ubuntu.com/security/notices/USN-2239-1
- https://ubuntu.com/security/notices/USN-2240-1
- https://ubuntu.com/security/notices/USN-2241-1
- https://ubuntu.com/security/notices/USN-2260-1
- https://www.cve.org/CVERecord?id=CVE-2014-3153
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog