Description
The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.
References (9)
Core 9
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1104097
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/59011
Various Sources mailing-list
x_refsource_mlist
https://lkml.org/lkml/2014/3/18/784
Vendor Advisory x_refsource_confirm
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-0290.html
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2014/06/02/5
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/67786
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/61310
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1272.html
Scores
EPSS
0.0027
EPSS Percentile
19.1%
Details
CWE
CWE-362
Status
published
Products (8)
linux/linux_kernel
3.14 (9 CPE variants)
linux/linux_kernel
3.14.1
linux/linux_kernel
3.14.2
linux/linux_kernel
3.14.3
linux/linux_kernel
3.14.4
linux/linux_kernel
< 3.14.5
redhat/enterprise_linux
6.0
redhat/enterprise_mrg
2.0
Published
Jun 05, 2014
Tracked Since
Feb 18, 2026