ID CVE-2014-8173
Summary The pmd_none_or_trans_huge_or_clear_bad function in include/asm-generic/pgtable.h in the Linux kernel before 3.13 on NUMA systems does not properly determine whether a Page Middle Directory (PMD) entry is a transparent huge-table entry, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted MADV_WILLNEED madvise system call that leverages the absence of a page-table lock. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:numa_systems:*
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:numa_systems:*
CVSS
Base: 7.2 (as of 03-01-2017 - 02:59)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
redhat via4
advisories
  • rhsa
    id RHSA-2015:0290
  • rhsa
    id RHSA-2015:0694
rpms
  • kernel-0:3.10.0-229.el7
  • kernel-abi-whitelists-0:3.10.0-229.el7
  • kernel-bootwrapper-0:3.10.0-229.el7
  • kernel-debug-0:3.10.0-229.el7
  • kernel-debug-debuginfo-0:3.10.0-229.el7
  • kernel-debug-devel-0:3.10.0-229.el7
  • kernel-debuginfo-0:3.10.0-229.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-229.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-229.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-229.el7
  • kernel-devel-0:3.10.0-229.el7
  • kernel-doc-0:3.10.0-229.el7
  • kernel-headers-0:3.10.0-229.el7
  • kernel-kdump-0:3.10.0-229.el7
  • kernel-kdump-debuginfo-0:3.10.0-229.el7
  • kernel-kdump-devel-0:3.10.0-229.el7
  • kernel-tools-0:3.10.0-229.el7
  • kernel-tools-debuginfo-0:3.10.0-229.el7
  • kernel-tools-libs-0:3.10.0-229.el7
  • kernel-tools-libs-devel-0:3.10.0-229.el7
  • perf-0:3.10.0-229.el7
  • perf-debuginfo-0:3.10.0-229.el7
  • python-perf-0:3.10.0-229.el7
  • python-perf-debuginfo-0:3.10.0-229.el7
  • kernel-rt-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-debug-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-debug-debuginfo-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-debug-devel-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-debuginfo-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-debuginfo-common-x86_64-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-devel-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-doc-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-firmware-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-trace-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-trace-debuginfo-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-trace-devel-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-vanilla-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-vanilla-debuginfo-1:3.10.0-229.rt56.144.el6rt
  • kernel-rt-vanilla-devel-1:3.10.0-229.rt56.144.el6rt
refmap via4
confirm
suse openSUSE-SU-2015:0714
Last major update 03-01-2017 - 02:59
Published 16-03-2015 - 10:59
Last modified 03-01-2017 - 02:59
Back to Top