Vulnerability Details: CVE-2014-3940
The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.
Vulnerability category: Memory Corruption, Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2014-3940
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 %
CVSS scores for CVE-2014-3940
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.0 | MEDIUM | AV:L/AC:H/Au:N/C:N/I:N/A:C | 1.9 | 6.9 | NIST |
CWE ids for CVE-2014-3940
- The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-3940
- https://lkml.org/lkml/2014/3/18/784
  LKML: Naoya Horiguchi: [PATCH RESEND -mm 1/2] mm: add !pte_present() check on existing hugetlb_entry callbacks
- https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html
- http://www.securityfocus.com/bid/67786
  Linux Kernel CVE-2014-3940 Unspecified Security Vulnerability
- http://rhn.redhat.com/errata/RHSA-2015-1272.html
  RHSA-2015:1272 - Security Advisory - Red Hat Customer Portal
- https://bugzilla.redhat.com/show_bug.cgi?id=1104097
  1104097 – (CVE-2014-3940) CVE-2014-3940 Kernel: missing check during hugepage migration
- http://www.openwall.com/lists/oss-security/2014/06/02/5
  oss-security - CVE-2014-3940 - Linux kernel - missing check during hugepage migration
- http://rhn.redhat.com/errata/RHSA-2015-0290.html
  RHSA-2015:0290 - Security Advisory - Red Hat Customer Portal
Products affected by CVE-2014-3940
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.14:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.14:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.14:rc8:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.14:rc7:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.14:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.14:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.14.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.14:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.14:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.14:-:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.14.3:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.14.4:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.14.2:*:*:*:*:*:*:*