Description
Race condition in the scan_get_next_rmap_item function in mm/ksm.c in the
Linux kernel before 2.6.39.3, when Kernel SamePage Merging (KSM) is
enabled, allows local users to cause a denial of service (NULL pointer
dereference) or possibly have unspecified other impact via a crafted
application.
Ubuntu-Description
Andrea Righi discovered a race condition in the KSM memory merging support.
If KSM was being used, a local attacker could exploit this to crash the
system, leading to a denial of service.
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | not-affected
(3.11.0-12.19)
|
Patches:
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was not-affected [3.4.0-1.3])
|
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was not-affected [3.4.0-1.7])
|
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was not-affected [3.1.10-8.28])
|
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was not-affected [3.0.0-3.18])
|
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was not-affected [3.4.0-3.21])
|
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was not-affected [3.4.0-4.19])
|
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Package
| Upstream: | released
(3.0~rc4)
|
| Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Updated: 2020-03-18 22:06:25 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)