You are here

CVE-2012-2390

Vincent (CVE) Danen's picture
Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations.

Details Source

Mitre

Statement

This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5 as they did not include the upstream commit 84afd99b that introduced this issue. Future kernel updates for Red Hat Enterprise Linux 6 may address this issue.

This has been addressed in Red Hat Enterprise Linux Red Hat Enterprise MRG 2 via https://rhn.redhat.com/errata/RHSA-2012-1150.html

Public Date

2012-05-17 00:00:00

Impact

Moderate

Bugzilla

CVE-2012-2390 kernel: huge pages: memory leak on mmap failure

Bugzilla ID

824 345

CVSS Status

verified

Base Score

4.90

Base Metrics

AV:L/AC:L/Au:N/C:N/I:N/A:C

Red Hat Security Errata

Platform Errata Release Date
MRG Grid for RHEL 6 Server v.2 (kernel-rt) RHSA-2012:1150 2012-08-08
Red Hat Enterprise Linux 6 (kernel) RHSA-2012:1304 2012-09-25

CWE

CWE-401

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Affected
Red Hat Enterprise Linux 5 kernel Not affected