4
CVE-2014-3940
- EPSS 0.04%
- Published 05.06.2014 17:55:07
- Last modified 12.04.2025 10:46:40
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.
Data is provided by the National Vulnerability Database (NVD)
Redhat ≫ Enterprise Linux Version6.0
Redhat ≫ Enterprise Mrg Version2.0
Linux ≫ Linux Kernel Version <= 3.14.5
Linux ≫ Linux Kernel Version3.14 Update-
Linux ≫ Linux Kernel Version3.14 Updaterc1
Linux ≫ Linux Kernel Version3.14 Updaterc2
Linux ≫ Linux Kernel Version3.14 Updaterc3
Linux ≫ Linux Kernel Version3.14 Updaterc4
Linux ≫ Linux Kernel Version3.14 Updaterc5
Linux ≫ Linux Kernel Version3.14 Updaterc6
Linux ≫ Linux Kernel Version3.14 Updaterc7
Linux ≫ Linux Kernel Version3.14 Updaterc8
Linux ≫ Linux Kernel Version3.14.1
Linux ≫ Linux Kernel Version3.14.2
Linux ≫ Linux Kernel Version3.14.3
Linux ≫ Linux Kernel Version3.14.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.114 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 1.9 | 6.9 |
AV:L/AC:H/Au:N/C:N/I:N/A:C
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.