CVE 2014-3940
The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.
Related bugs and status
CVE-2014-3940 (Candidate) is related to these bugs:
Bug #1327487: CVE-2014-3940
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1327487 | CVE-2014-3940 | linux (Ubuntu) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-fsl-imx51 (Ubuntu) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-mvl-dove (Ubuntu) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-maverick (Ubuntu) | Undecided | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-natty (Ubuntu) | Undecided | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-ti-omap4 (Ubuntu) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-ec2 (Ubuntu) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-maverick (Ubuntu Utopic) | Undecided | Won't Fix | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-natty (Ubuntu Utopic) | Undecided | Won't Fix | ||
| 1327487 | CVE-2014-3940 | linux (Ubuntu Trusty) | Low | Fix Released | ||
| 1327487 | CVE-2014-3940 | linux-ec2 (Ubuntu Trusty) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-fsl-imx51 (Ubuntu Trusty) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-maverick (Ubuntu Trusty) | Undecided | Won't Fix | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-natty (Ubuntu Trusty) | Undecided | Won't Fix | ||
| 1327487 | CVE-2014-3940 | linux-mvl-dove (Ubuntu Trusty) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-ti-omap4 (Ubuntu Trusty) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-maverick (Ubuntu Saucy) | Undecided | Won't Fix | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-natty (Ubuntu Saucy) | Undecided | Won't Fix | ||
| 1327487 | CVE-2014-3940 | linux (Ubuntu Precise) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-ec2 (Ubuntu Precise) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-fsl-imx51 (Ubuntu Precise) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-maverick (Ubuntu Precise) | Undecided | Won't Fix | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-natty (Ubuntu Precise) | Undecided | Won't Fix | ||
| 1327487 | CVE-2014-3940 | linux-mvl-dove (Ubuntu Precise) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-ti-omap4 (Ubuntu Precise) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-maverick (Ubuntu Lucid) | Undecided | Won't Fix | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-natty (Ubuntu Lucid) | Undecided | Won't Fix | ||
| 1327487 | CVE-2014-3940 | linux-armadaxp (Ubuntu) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-armadaxp (Ubuntu Precise) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-armadaxp (Ubuntu Trusty) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-saucy (Ubuntu) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-saucy (Ubuntu Precise) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-saucy (Ubuntu Trusty) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-quantal (Ubuntu) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-quantal (Ubuntu Precise) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-quantal (Ubuntu Trusty) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-raring (Ubuntu) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-raring (Ubuntu Precise) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-raring (Ubuntu Trusty) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-trusty (Ubuntu Precise) | Low | Fix Released | ||
| 1327487 | CVE-2014-3940 | linux (Ubuntu Vivid) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-armadaxp (Ubuntu Vivid) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-ec2 (Ubuntu Vivid) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-fsl-imx51 (Ubuntu Vivid) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-maverick (Ubuntu Vivid) | Undecided | New | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-natty (Ubuntu Vivid) | Undecided | New | ||
| 1327487 | CVE-2014-3940 | linux-lts-quantal (Ubuntu Vivid) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-raring (Ubuntu Vivid) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-saucy (Ubuntu Vivid) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-mvl-dove (Ubuntu Vivid) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-ti-omap4 (Ubuntu Vivid) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux (Ubuntu Wily) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-armadaxp (Ubuntu Wily) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-ec2 (Ubuntu Wily) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-fsl-imx51 (Ubuntu Wily) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-maverick (Ubuntu Wily) | Undecided | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-backport-natty (Ubuntu Wily) | Undecided | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-quantal (Ubuntu Wily) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-raring (Ubuntu Wily) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-saucy (Ubuntu Wily) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-mvl-dove (Ubuntu Wily) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-ti-omap4 (Ubuntu Wily) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-goldfish (Ubuntu) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-goldfish (Ubuntu Precise) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-goldfish (Ubuntu Vivid) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-goldfish (Ubuntu Wily) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-flo (Ubuntu) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-flo (Ubuntu Precise) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-flo (Ubuntu Vivid) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-flo (Ubuntu Wily) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-vivid (Ubuntu) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-vivid (Ubuntu Precise) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-vivid (Ubuntu Vivid) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-lts-vivid (Ubuntu Wily) | Low | Invalid | ||
| 1327487 | CVE-2014-3940 | linux-mako (Ubuntu) | Low | Invalid | ||
See the 
CVE page on Mitre.org
for more details.
