11 Linux Kernel CVEs in June 2014
Full month · Source: NIST NVD
In June 2014, 11 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 1 was rated High severity and 6 Medium. CVE-2014-3153 was confirmed as actively exploited in the wild and added to the CISA Known Exploited Vulnerabilities catalog. June's 11 CVEs represent 8% of all 2014 Linux kernel CVEs , up from May's 8 (a 38% month-over-month increase) .
Actively Exploited CVEs — June 2014
1 CVE in CISA KEVCVE-2014-3153 is the only Linux kernel CVE from June 2014 confirmed as actively exploited in the wild. It carries a CVSS score of 7.8 (High severity) and is listed in the CISA Known Exploited Vulnerabilities catalog.
| CVE ID | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|
| CVE-2014-3153 | High KEV | 7.8 | 2014-06-07 | The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure tha… |
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2014-3153 | linux | High KEV | 7.8 | 2014-06-07 | The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two dif… | |
| CVE-2014-4014 | linux | Medium | 6.2 | 2014-06-23 | The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inappl… | |
| CVE-2014-0203 | linux | Medium | 5.5 | 2014-06-23 | The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathnam… | |
| CVE-2014-4171 | linux | Medium | 4.7 | 2014-06-23 | mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification an… | |
| CVE-2014-4508 | linux | Medium | 4.7 | 2014-06-23 | arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled… | |
| CVE-2014-4157 | linux | Medium | 4.6 | 2014-06-23 | arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECC… | |
| CVE-2014-3940 | linux | Medium | 4.0 | 2014-06-05 | The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to… | |
| CVE-2014-3917 | linux | Low | 3.3 | 2014-06-05 | kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, al… | |
| CVE-2014-4027 | linux | Low | 2.3 | 2014-06-23 | The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly… | |
| CVE-2014-0206 | linux | Low | 2.1 | 2014-06-25 | Array index error in the aio_read_events_ring function in fs/aio.c in the Linux kernel through 3.15.1 allows local user… | |
| CVE-2014-1739 | linux | Low | 2.1 | 2014-06-23 | The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not init… |