4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.2%
The Linux kernel through 3.14.5 does not properly consider the presence of
hugetlb entries, which allows local users to cause a denial of service
(memory corruption or system crash) by accessing certain memory locations,
as demonstrated by triggering a race condition via numa_maps read
operations during hugepage migration, related to fs/proc/task_mmu.c and
mm/mempolicy.c.
Author | Note |
---|---|
jdstrand | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels |
www.openwall.com/lists/oss-security/2014/06/02/5
bugzilla.redhat.com/show_bug.cgi?id=1104097
launchpad.net/bugs/cve/CVE-2014-3940
lkml.org/lkml/2014/3/18/784
nvd.nist.gov/vuln/detail/CVE-2014-3940
security-tracker.debian.org/tracker/CVE-2014-3940
ubuntu.com/security/notices/USN-2288-1
ubuntu.com/security/notices/USN-2290-1
www.cve.org/CVERecord?id=CVE-2014-3940