CVE-2014-2673 — Vulnetix

Try Vulnetix Request Demo

CVE-2014-2673 REJECTED

The arch_dup_task_struct function in the Transactional Memory (TM) implementation in arch/powerpc/kernel/process.c in the Linux kernel before 3.13.7 on the powerpc platform does not properly interact with the clone and fork system calls, which allows local users to cause a denial of service (Program Check and system crash) via certain instructions that are executed with the processor in the Transactional state.

EPSS 0.04% · 12.0th percentile

Risk Scores

EPSS Score

0.04%

12.0th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	linux-gke	0
Ubuntu:14.04:LTS	linux-aws	0
Ubuntu:16.04:LTS	linux	0
Ubuntu:16.04:LTS	linux-raspi2	0
Ubuntu:14.04:LTS	linux-lts-xenial	0
Ubuntu:16.04:LTS	linux-aws	0
Ubuntu:16.04:LTS	linux-snapdragon	0
Ubuntu:14.04:LTS	linux-lts-utopic	0
Ubuntu:14.04:LTS	linux-lts-wily	0
Ubuntu:14.04:LTS	linux	3.12.0-5.13, 3.12.0-7.15, 3.13.0-1.16
Ubuntu:14.04:LTS	linux-lts-vivid	0
Ubuntu:16.04:LTS	linux-hwe	0

Timeline

Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2014-2673 third-party-advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=621b5060e823301d0cba4cb52a7ee3491922d291 third-party-advisory
https://ubuntu.com/security/notices/USN-2225-1 vendor-advisory
https://ubuntu.com/security/notices/USN-2228-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2014-2673 third-party-advisory

Open in Interactive Console →