CVE-2014-0205

Linux kernel <2.6.37 - Use After Free

Title source: llm
STIX 2.1

Description

The futex_wait function in kernel/futex.c in the Linux kernel before 2.6.37 does not properly maintain a certain reference count during requeue operations, which allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that triggers a zero count.

References (6)

Core 6

Scores

EPSS 0.0066
EPSS Percentile 47.3%

Details

CWE
CWE-119
Status published
Products (5)
linux/linux_kernel 2.6.36 (9 CPE variants)
linux/linux_kernel 2.6.36.1
linux/linux_kernel 2.6.36.2
linux/linux_kernel 2.6.36.3
linux/linux_kernel < 2.6.36.4
Published Sep 28, 2014
Tracked Since Feb 18, 2026