Back to search
CVE-2014-3940
Published: Jun 5, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=1104097
x_refsource_CONFIRM
59011
third-party-advisory
x_refsource_SECUNIA
[linux-kernel] 20140318 [PATCH RESEND -mm 1/2] mm: add !pte_present() check on existing hugetlb_entry callbacks
mailing-list
x_refsource_MLIST
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html
x_refsource_CONFIRM
RHSA-2015:0290
vendor-advisory
x_refsource_REDHAT
[oss-security] 20140602 CVE-2014-3940 - Linux kernel - missing check during hugepage migration
mailing-list
x_refsource_MLIST
67786
vdb-entry
x_refsource_BID
61310
third-party-advisory
x_refsource_SECUNIA
RHSA-2015:1272
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now