UBUNTU-CVE-2014-3940

Advisory lineage Upstream: 1 Downstream: 1

Upstream

CVE-2014-3940

Downstream

USN-2290-1

Published: 05 Jun 2014, 00:00

Last modified:22 Apr 2026, 09:44

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

05 Jun 2014, 00:00

Published

Vulnerability first disclosed

22 Apr 2026, 09:44

Last Modified

Vulnerability information updated

Description

The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.

Affected Systems

ubuntu•linux
< 3.13.0-32.57

References (7)

https://ubuntu.com/security/CVE-2014-3940
https://lkml.org/lkml/2014/3/18/784
https://bugzilla.redhat.com/show_bug.cgi?id=1104097
http://www.openwall.com/lists/oss-security/2014/06/02/5
https://ubuntu.com/security/notices/USN-2288-1
https://ubuntu.com/security/notices/USN-2290-1
https://www.cve.org/CVERecord?id=CVE-2014-3940