Back to KEVs

CVE-2014-3153

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses,...

Basic Information

CVE State
PUBLISHED
Reserved Date
May 03, 2014
Published Date
June 07, 2014
Last Updated
February 03, 2025
Vendor
n/a
Product
n/a
Description
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

CVSS Scores

CVSS v3.1

7.8 - HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (added 2022-05-25 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2022-02-01 09:54:52 UTC) Source

References

http://www.securityfocus.com/bid/67906 http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00006.html http://openwall.com/lists/oss-security/2014/06/05/24 http://secunia.com/advisories/59029 http://www.debian.org/security/2014/dsa-2949 http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00018.html http://secunia.com/advisories/59262 http://secunia.com/advisories/58990 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=13fbca4c6ecd96ec1a1cfa2e4f2ce191fe928a5e https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54a217887a7b658e2650c3feff22756ab80c7339 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e9c243a5a6de0be8e584c604d353412584b592f8 http://linux.oracle.com/errata/ELSA-2014-3037.html http://secunia.com/advisories/59153 http://openwall.com/lists/oss-security/2014/06/06/20 http://secunia.com/advisories/59309 https://github.com/torvalds/linux/commit/e9c243a5a6de0be8e584c604d353412584b592f8 http://www.securitytracker.com/id/1030451 http://linux.oracle.com/errata/ELSA-2014-0771.html http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00014.html http://rhn.redhat.com/errata/RHSA-2014-0800.html http://www.ubuntu.com/usn/USN-2237-1 http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html http://linux.oracle.com/errata/ELSA-2014-3039.html https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b3eaa9fc5cd0a4d74b18f6b8dc617aeaf1873270 http://secunia.com/advisories/58500 http://www.ubuntu.com/usn/USN-2240-1 https://bugzilla.redhat.com/show_bug.cgi?id=1103626 http://secunia.com/advisories/59386 http://www.exploit-db.com/exploits/35370 http://secunia.com/advisories/59599 http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00025.html http://www.openwall.com/lists/oss-security/2014/06/05/22 http://secunia.com/advisories/59092 http://linux.oracle.com/errata/ELSA-2014-3038.html http://www.openwall.com/lists/oss-security/2021/02/01/4 https://www.openwall.com/lists/oss-security/2021/02/01/4 https://elongl.github.io/exploitation/2021/01/08/cve-2014-3153.html https://github.com/elongl/CVE-2014-3153

Known Exploited Vulnerability Information

Source Added Date
CISA 2022-05-25 00:00:00 UTC

Scanner Integrations

Scanner URL Date Detected
Metasploit https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/android/local/futex_requeue.rb 2025-04-29 11:01:10 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

futex_requeue

Type: metasploit • Created: Unknown

Metasploit module for CVE-2014-3153

c4mx/Linux-kernel-code-injection_CVE-2014-3153

Type: github • Created: 2022-02-01 09:54:52 UTC • Stars: 0

Study on Linux kernel code injection via CVE-2014-3153 (Towelroot)

elongl/CVE-2014-3153

Type: github • Created: 2020-10-31 11:39:11 UTC • Stars: 11

Exploiting CVE-2014-3153, AKA Towelroot.

c3c/CVE-2014-3153

Type: github • Created: 2016-05-29 18:39:15 UTC • Stars: 0

towelroot

zerodavinci/CVE-2014-3153-exploit

Type: github • Created: 2015-11-08 09:40:59 UTC • Stars: 5

My exploit for kernel exploitation

lieanu/CVE-2014-3153

Type: github • Created: 2015-01-12 16:53:09 UTC • Stars: 17

cve2014-3153 exploit for ubuntu x86

timwr/CVE-2014-3153

Type: github • Created: 2014-07-24 13:28:00 UTC • Stars: 121

CVE-2014-3153 aka towelroot