CVE-2014-1737

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2014-1737

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2014-1737.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2014-1737

Downstream

DEBIAN-CVE-2014-1737

DSA-2926-1

DSA-2928-1

RHSA-2014:0557

RHSA-2014:0740

RHSA-2014:0771

RHSA-2014:0772

RHSA-2014:0786

RHSA-2014:0800

RHSA-2014:0801

RHSA-2014:0900

SUSE-RU-2015:0621-1

SUSE-SU-2015:0481-1

SUSE-SU-2015:0581-1

SUSE-SU-2015:0652-1

SUSE-SU-2015:0736-1

SUSE-SU-2015:1174-1

SUSE-SU-2015:1376-1

UBUNTU-CVE-2014-1737

USN-2226-1

Related

Published

2014-05-11T21:55:05Z

Modified

2025-08-09T20:01:26Z

Summary

[none]

Details

The rawcmdcopyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

References

Affected packages