Linux · Linux Kernel · CVE-2014-9914
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 3.15.2
**Description**
A race condition in the `ip4 datagram release cb` function allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets.
**Recommendations**
For Linux kernel versions prior to 3.15.2, update to version 3.15.2 or later to resolve the issue. As a temporary workaround, consider restricting access to IPv4 UDP sockets to minimize the risk of exploitation.