PatchSiren cyber security CVE debrief
CVE-2014-9914 Linux CVE debrief
CVE-2014-9914 is a Linux kernel race condition in ip4_datagram_release_cb that can trigger a use-after-free during multithreaded access to internal IPv4 UDP socket data structures. NVD rates the issue High and maps it to local privilege escalation or denial of service on affected Linux kernel releases, with Android devices also listed in the vulnerable CPE range through 7.1.1.
- Vendor: Linux
- Product: CVE-2014-9914
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2017-02-07
- Original CVE updated: 2026-05-13
- Advisory published: 2017-02-07
- Advisory updated: 2026-05-13
Who should care
Kernel and platform teams responsible for Linux systems, embedded devices, and Android builds that incorporate affected kernel versions. Administrators should prioritize systems running kernels in the vulnerable version ranges identified by NVD, especially where local users, containers, or other untrusted code can reach the kernel networking stack.
Technical summary
The vulnerability is described as a race condition in net/ipv4/datagram.c, specifically ip4_datagram_release_cb. According to NVD, incorrect locking expectations during concurrent access to internal data structures for IPv4 UDP sockets can result in a use-after-free. The weakness categories listed by NVD are CWE-362 and CWE-416. NVD’s affected ranges cover Linux kernel versions before 3.15.2, with additional backported vulnerable ranges listed for several stable branches, and Android through 7.1.1 in the CPE data.
Defensive priority
High. This is a local kernel memory-safety issue with potential privilege escalation impact, so patching should be prioritized on any exposed or multi-user Linux or Android system running an affected kernel branch.
Recommended defensive actions
- Upgrade to a kernel release that includes the upstream fix referenced by the Linux commit and the 3.15.2 changelog.
- Validate whether your distribution has backported the fix, since NVD lists multiple vulnerable version ranges across stable branches.
- Inventory Linux and Android devices to identify affected kernel versions, including embedded or vendor-customized builds.
- Restrict local access where possible until patched, because the attack vector is local.
- Monitor vendor advisories and package updates tied to the upstream kernel patch and release notes.
Evidence notes
This debrief is based on the NVD CVE record and the linked upstream Linux commit, Linux 3.15.2 changelog, and Android security bulletin references included in the source corpus. NVD identifies the issue as a race condition in ip4_datagram_release_cb with CWE-362 and CWE-416, and provides vulnerable version ranges for Linux kernel branches before 3.15.2 plus Android through 7.1.1. No exploit steps or unsupported impact claims are included.
Official resources
- CVE-2014-9914 CVE record (CVE.org)
- CVE-2014-9914 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference: [email protected] - Issue Tracking, Patch, Third Party Advisory
- Mitigation or vendor reference: [email protected] - Third Party Advisory
- Mitigation or vendor reference: [email protected] - Release Notes, Vendor Advisory
- Mitigation or vendor reference: [email protected] - Third Party Advisory, VDB Entry
- Mitigation or vendor reference: [email protected] - Third Party Advisory, VDB Entry
- Mitigation or vendor reference: [email protected] - Issue Tracking, Patch, Third Party Advisory
Publicly recorded in NVD on 2017-02-07, with the record last modified on 2026-05-13. The source corpus also links an upstream Linux patch commit and vendor advisory references.