PT-2017-6406 · Linux+1 · Linux Kernel+1

Alexey Preobrazhensky +1 · Published 2014-06-26 · Updated 2023-01-18 · CVE-2014-9914

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 3.15.2

Description

A race condition in the ip4_datagram_release_cb function allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets.

Recommendations

For Linux kernel versions prior to 3.15.2, update to version 3.15.2 or later to resolve the issue. As a temporary workaround, consider restricting access to IPv4 UDP sockets to minimize the risk of exploitation.

Fix

DoS

Use After Free

Race Condition

Weakness Enumeration

Related Identifiers

ALT-PU-2014-1823
ALT-PU-2014-1847
CVE-2014-9914

Affected Products

Alt Linux
Linux Kernel