OSV:DLA-0007-1 (osv, Google)
Jun 18, 2014 - 12:00 a.m.

linux-2.6 - security update

Google
osv.dev

CVSS2: 7.2 High (AV:L/AC:L/Au:N/C:C/I:C/A:C)

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

EPSS: 0.001 Low (Percentile: 46.4%)

Pinkie Pie discovered an issue in the futex subsystem that
allows a local user to gain ring 0 control via the futex syscall. An
unprivileged user could use this flaw to crash the kernel (resulting in
denial of service) or for privilege escalation.

The restore_fpu_checking function in
arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the
AMD K7 and K8 platforms does not clear pending exceptions before proceeding
to an EMMS instruction, which allows local users to cause a denial of
service (task kill) or possibly gain privileges via a crafted application.

For Debian 6 Squeeze, these issues have been fixed in linux-2.6 version 2.6.32-48squeeze7.
