F5 Networks BIG-IP : Linux kernel vulnerability (SOL15685)
Medium Nessus Plugin ID 78491
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution SOL15685.