Unrated severityNVD Advisory· Published Dec 27, 2014· Updated May 6, 2026

CVE-2014-0748

Description

apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912.

Affected products

Cray/Cray Linux Environment2 versions
cpe:2.3:o:cray:cray_linux_environment:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:cray:cray_linux_environment:*:*:*:*:*:*:*:*range: <=4.2
- cpe:2.3:o:cray:cray_linux_environment:5.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

labs.mwrinfosecurity.com/advisories/2014/01/31/cray-aprunapinit-privilege-escalation/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000