VYPR
Unrated severityNVD Advisory· Published Sep 28, 2014· Updated Jun 17, 2026

CVE-2014-3631

CVE-2014-3631

Description

The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Linux/Kernel2 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=3.13,<3.14.19
    • (no CPE)range: <3.16.3

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.