CVE-2010-4346

Priority
Description
The install_special_mapping function in mm/mmap.c in the Linux kernel
before 2.6.37-rc6 does not make an expected security_file_mmap function
call, which allows local users to bypass intended mmap_min_addr
restrictions and possibly conduct NULL pointer dereference attacks via a
crafted assembly-language application.
Ubuntu-Description
Tavis Ormandy discovered that the install_special_mapping function could
bypass the mmap_min_addr restriction. A local attacker could exploit this
to mmap 4096 bytes below the mmap_min_addr area, possibly improving the
chances of performing NULL pointer dereference attacks.
Notes
keesUbuntu mmap_min_addr default is 64k, so this isn't very interesting in our case
Package
Upstream:released (2.6.37~rc6)
Package
Upstream:released (2.6.37~rc6)
Package
Upstream:released (2.6.37~rc6)
Package
Upstream:released (2.6.37~rc6)
Package
Upstream:released (2.6.37~rc6)
Package
Upstream:released (2.6.37~rc6)
Package
Upstream:released (2.6.37~rc6)
More Information

Updated: 2019-12-05 20:56:00 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)