VDB

CVE-2017-14140

CVE-2017-14140 PUBLISHED

The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.

EPSS 0.07% · 21.9th percentile

Risk Scores

EPSS Score
0.07%
21.9th percentile

Affected Products

VendorProductVersions
Ubuntu:22.04:LTSlinux-realtime0, 5.15.0-1032.35
Ubuntu:22.04:LTSlinux-intel-iot-realtime5.15.0-1073.75, 0
Ubuntu:16.04:LTSlinux-aws4.4.0-1003.12, 4.4.0-1035.44, 4.4.0-1032.41
Ubuntu:14.04:LTSlinux-lts-xenial4.4.0-92.115~14.04.1, 4.4.0-21.37~14.04.1, 4.4.0-22.39~14.04.1
Ubuntu:20.04:LTSlinux-raspi25.4.0-1006.6, 0, 5.3.0-1017.19
Ubuntu:20.04:LTSlinux-azure-fde5.4.0-1092.97+cvm1.1, 5.4.0-1091.96+cvm1.1, 5.4.0-1090.95+cvm1.1
Ubuntu:16.04:LTSlinux-gke4.4.0-1003.3, 4.4.0-1024.24, 4.4.0-1031.31
Ubuntu:24.04:LTSlinux-gcp-6.116.11.0-1014.14~24.04.1, 6.11.0-1013.13~24.04.1, 6.11.0-1011.11~24.04.1
Ubuntu:16.04:LTSlinux-snapdragon4.4.0-1073.78, 4.4.0-1076.81, 4.4.0-1072.77
Ubuntu:24.04:LTSlinux-lowlatency-hwe-6.116.11.0-1009.10~24.04.1, *, *
Ubuntu:16.04:LTSlinux-azure4.11.0-1009.9, 4.11.0-1011.11, 4.11.0-1013.13
Ubuntu:16.04:LTSlinux4.4.0-47.68, 4.4.0-45.66, 4.4.0-43.63
Ubuntu:16.04:LTSlinux-raspi24.4.0-1023.29, 0, 4.2.0-1013.19
Ubuntu:22.04:LTSlinux-riscv5.15.0-1018.21, 5.15.0-1019.22, 5.15.0-1020.23
Ubuntu:Pro:20.04:LTSlinux-azure-fde-5.155.15.0-1096.105~20.04.1.1, 5.15.0-1097.106~20.04.1.1, 5.15.0-1098.107~20.04.1.1
Ubuntu:24.04:LTSlinux-raspi-realtime6.8.0-2019.20, 0
Ubuntu:16.04:LTSlinux-gcp4.10.0-1008.8, 4.10.0-1009.9, 4.10.0-1007.7
Ubuntu:20.04:LTSlinux-gke5.4.0-1076.82, 5.4.0-1054.57, 5.4.0-1087.94
Ubuntu:24.04:LTSlinux-hwe-6.116.11.0-21.21~24.04.1, 6.11.0-19.19~24.04.1, 6.11.0-26.26~24.04.1
Ubuntu:14.04:LTSlinux3.12.0-2.7, 3.12.0-1.3, 3.11.0-12.19

…and 4 more

Timeline

  • Sep 5, 2017 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›