4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:N/I:N/A:C
6.2 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.
rhn.redhat.com/errata/RHSA-2015-0290.html
rhn.redhat.com/errata/RHSA-2015-1272.html
secunia.com/advisories/59011
secunia.com/advisories/61310
www.openwall.com/lists/oss-security/2014/06/02/5
www.securityfocus.com/bid/67786
bugzilla.redhat.com/show_bug.cgi?id=1104097
lkml.org/lkml/2014/3/18/784
support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html