CVE-2014-1737

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

Published: 2014-05-11 Last update: 2026-05-06 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2014-1737 is rated Moderate Risk (42.6/100): CVSS High severity, with low exploitation likelihood (EPSS 0.49%). Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2014-1737

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.04% 0.49% +0.44%
2 2025-10-17 0.07% 0.04% -0.03%
3 2025-05-27 0.07%

Full EPSS history (7 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2014-1737

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
7.2 2.0 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:L)
Requires local access to the target system.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 3.9 10.0 [email protected]

Weakness enumeration for CVE-2014-1737

OS Trackers for CVE-2014-1737

vendor priority summary link
debian not yet assigned CVE-2014-1737 not yet assigned priority: Debian including 1 source packages (linux), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2014-1737
redhat high https://access.redhat.com/security/cve/CVE-2014-1737
ubuntu high CVE-2014-1737 high priority: Ubuntu including 30 source packages (linux, linux-armadaxp, …), 315 status rows across 12 suites (lucid, precise, quantal, saucy, trusty, upstream, utopic, vivid, wily, xenial, yakkety, zesty): DNE 218, released 42, not-affected 35, ignored 20. https://ubuntu.com/security/CVE-2014-1737

Affected software / configurations for CVE-2014-1737

Vendor Product Version Raw CPE
linux linux_kernel < 3.2.59 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 3.3, < 3.4.90 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 3.5, < 3.10.40 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 3.11, < 3.12.20 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 3.13, < 3.14.4 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
oracle linux 5 cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
oracle linux 6 cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
debian debian_linux 6.0 cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
debian debian_linux 7.0 cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
suse linux_enterprise_desktop 11 cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
suse linux_enterprise_high_availability_extension 11 cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*
suse linux_enterprise_real_time_extension 11 cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*
suse linux_enterprise_server 11 cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*
suse linux_enterprise_server 11 cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
redhat enterprise_linux_eus 5.6 cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*
redhat enterprise_linux_eus 6.3 cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*

References for CVE-2014-1737

URL Tags
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ef87dbe7614341c2e7bfe8d32fcb7028cc97442c
http://linux.oracle.com/errata/ELSA-2014-0771.html
http://linux.oracle.com/errata/ELSA-2014-3043.html
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html
http://rhn.redhat.com/errata/RHSA-2014-0800.html
http://rhn.redhat.com/errata/RHSA-2014-0801.html
http://secunia.com/advisories/59262
http://secunia.com/advisories/59309
http://secunia.com/advisories/59406
http://secunia.com/advisories/59599
http://www.debian.org/security/2014/dsa-2926
http://www.debian.org/security/2014/dsa-2928
http://www.openwall.com/lists/oss-security/2014/05/09/2
http://www.securityfocus.com/bid/67300
http://www.securitytracker.com/id/1030474
https://bugzilla.redhat.com/show_bug.cgi?id=1094299
https://github.com/torvalds/linux/commit/ef87dbe7614341c2e7bfe8d32fcb7028cc97442c
cvelogic Threat Intelligence