Linux · Linux Kernel · CVE-2014-0205
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 2.6.37
**Description**
The issue is related to the futex wait function in kernel/futex.c, which does not properly maintain a certain reference count during requeue operations. This can be exploited by local users to cause a denial of service, resulting in a use-after-free and system crash, or possibly gain privileges via a crafted application that triggers a zero count.
**Recommendations**
For Linux kernel versions prior to 2.6.37, update to version 2.6.37 or later to resolve the issue.