4
CVE-2014-3940
- EPSS 0.27%
- Veröffentlicht 05.06.2014 17:55:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Enterprise Linux Version6.0
Redhat ≫ Enterprise Mrg Version2.0
Linux ≫ Linux Kernel Version <= 3.14.5
Linux ≫ Linux Kernel Version3.14 Update-
Linux ≫ Linux Kernel Version3.14 Updaterc1
Linux ≫ Linux Kernel Version3.14 Updaterc2
Linux ≫ Linux Kernel Version3.14 Updaterc3
Linux ≫ Linux Kernel Version3.14 Updaterc4
Linux ≫ Linux Kernel Version3.14 Updaterc5
Linux ≫ Linux Kernel Version3.14 Updaterc6
Linux ≫ Linux Kernel Version3.14 Updaterc7
Linux ≫ Linux Kernel Version3.14 Updaterc8
Linux ≫ Linux Kernel Version3.14.1
Linux ≫ Linux Kernel Version3.14.2
Linux ≫ Linux Kernel Version3.14.3
Linux ≫ Linux Kernel Version3.14.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.189 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 1.9 | 6.9 |
AV:L/AC:H/Au:N/C:N/I:N/A:C
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
http://rhn.redhat.com/errata/RHSA-2015-0290.html
http://rhn.redhat.com/errata/RHSA-2015-1272.html
http://secunia.com/advisories/59011
http://secunia.com/advisories/61310
http://www.openwall.com/lists/oss-security/2014/06/02/5
http://www.securityfocus.com/bid/67786
https://bugzilla.redhat.com/show_bug.cgi?id=1104097
https://lkml.org/lkml/2014/3/18/784
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html