Unrated severityNVD Advisory· Published Sep 28, 2014· Updated May 6, 2026
CVE-2014-0205
CVE-2014-0205
Description
The futex_wait function in kernel/futex.c in the Linux kernel before 2.6.37 does not properly maintain a certain reference count during requeue operations, which allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that triggers a zero count.
Affected products
13cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <=2.6.36.4
- cpe:2.3:o:linux:linux_kernel:2.6.36:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.36.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.36.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.36.3:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.36:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.36:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.36:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.36:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.36:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.36:rc7:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.36:rc8:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.37nvdExploitVendor Advisory
- github.com/torvalds/linux/commit/7ada876a8703f23befbb20a7465a702ee39b1704nvdExploit
- git.kernel.orgnvd
- rhn.redhat.com/errata/RHSA-2014-1365.htmlnvd
- rhn.redhat.com/errata/RHSA-2014-1763.htmlnvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.