Upstream information

CVE-2014-3940 at MITRE

Description

The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4
Vector AV:L/AC:H/Au:N/C:N/I:N/A:C
Access Vector Local
Access Complexity High
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete
SUSE Bugzilla entry: 881101 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12
  • kernel-default >= 3.12.28-4.6
  • kernel-default-devel >= 3.12.28-4.6
  • kernel-default-extra >= 3.12.28-4.6
  • kernel-devel >= 3.12.28-4.6
  • kernel-macros >= 3.12.28-4.6
  • kernel-source >= 3.12.28-4.6
  • kernel-syms >= 3.12.28-4.6
  • kernel-xen >= 3.12.28-4.6
  • kernel-xen-devel >= 3.12.28-4.6
Patchnames:
SUSE Linux Enterprise Desktop 12 GA kernel-default
SUSE Linux Enterprise Desktop 12 SP1
  • kernel-default >= 3.12.49-11.1
  • kernel-default-devel >= 3.12.49-11.1
  • kernel-default-extra >= 3.12.49-11.1
  • kernel-devel >= 3.12.49-11.1
  • kernel-macros >= 3.12.49-11.1
  • kernel-source >= 3.12.49-11.1
  • kernel-syms >= 3.12.49-11.1
  • kernel-xen >= 3.12.49-11.1
  • kernel-xen-devel >= 3.12.49-11.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA kernel-default
SUSE Linux Enterprise Server 12
  • kernel-default >= 3.12.28-4.6
  • kernel-default-base >= 3.12.28-4.6
  • kernel-default-devel >= 3.12.28-4.6
  • kernel-default-man >= 3.12.28-4.6
  • kernel-devel >= 3.12.28-4.6
  • kernel-macros >= 3.12.28-4.6
  • kernel-source >= 3.12.28-4.6
  • kernel-syms >= 3.12.28-4.6
  • kernel-xen >= 3.12.28-4.6
  • kernel-xen-base >= 3.12.28-4.6
  • kernel-xen-devel >= 3.12.28-4.6
Patchnames:
SUSE Linux Enterprise Server 12 GA kernel-default
SUSE Linux Enterprise Server 12 SP1
  • kernel-default >= 3.12.49-11.1
  • kernel-default-base >= 3.12.49-11.1
  • kernel-default-devel >= 3.12.49-11.1
  • kernel-default-man >= 3.12.49-11.1
  • kernel-devel >= 3.12.49-11.1
  • kernel-macros >= 3.12.49-11.1
  • kernel-source >= 3.12.49-11.1
  • kernel-syms >= 3.12.49-11.1
  • kernel-xen >= 3.12.49-11.1
  • kernel-xen-base >= 3.12.49-11.1
  • kernel-xen-devel >= 3.12.49-11.1
Patchnames:
SUSE Linux Enterprise Server 12 SP1 GA kernel-default
SUSE Linux Enterprise Software Development Kit 12
  • kernel-docs >= 3.12.28-4.6
  • kernel-obs-build >= 3.12.28-4.3
  • kernel-zfcpdump >= 3.12.28-4.2
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 GA kernel-docs
SUSE Linux Enterprise Software Development Kit 12 SP1
  • kernel-docs >= 3.12.49-11.1
  • kernel-obs-build >= 3.12.49-11.2
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP1 GA kernel-docs
SUSE Linux Enterprise Workstation Extension 12
  • kernel-default-extra >= 3.12.28-4.6
Patchnames:
SUSE Linux Enterprise Workstation Extension 12 GA kernel-default-extra
SUSE Linux Enterprise Workstation Extension 12 SP1
  • kernel-default-extra >= 3.12.49-11.1
Patchnames:
SUSE Linux Enterprise Workstation Extension 12 SP1 GA kernel-default-extra