Race condition vulnerability in Linux kernel through 3.14.5 allows denial of service via numa_maps read operations during hugepage migration

Race condition vulnerability in Linux kernel through 3.14.5 allows denial of service via numa_maps read operations during hugepage migration

CVE-2014-3940 · MEDIUM Severity

AV:L/AC:H/AU:N/C:N/I:N/A:C

The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.