CVE-2014-3940

Description

The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.

CVSS Metrics

• v2.0•MEDIUM•Score: 4AV:L/AC:H/Au:N/C:N/I:N/A:C

EPSS Trends

Current EPSS score: 0.04%• Percentile: 13%

Techniques & Countermeasures

• CWE-362•Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

  The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

Affected Systems

• linux•linux_kernel

  ≤ 3.14.5 | 3.14 | 3.14:rc1 | 3.14:rc2 | 3.14:rc3 | 3.14:rc4 | 3.14:rc5 | 3.14:rc6 | 3.14:rc7 | 3.14:rc8 | 3.14.1 | 3.14.2 | 3.14.3 | 3.14.4

• redhat•enterprise_linux

  6.0

• redhat•enterprise_mrg

  2.0

References (9)

• https://bugzilla.redhat.com/show_bug.cgi?id=1104097
• http://secunia.com/advisories/59011
• https://lkml.org/lkml/2014/3/18/784
• https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html
• http://rhn.redhat.com/errata/RHSA-2015-0290.html
• http://www.openwall.com/lists/oss-security/2014/06/02/5
• http://www.securityfocus.com/bid/67786
• http://secunia.com/advisories/61310
• http://rhn.redhat.com/errata/RHSA-2015-1272.html