CVE-2018-7740

Impact:
Low
Public Date:
2018-03-07
CWE:
CWE-119
Bugzilla:
1552867: CVE-2018-7740 kernel: Denial of service in resv_map_release function in mm/hugetlb.c
The resv_map_release function in mm/hugetlb.c in the Linux kernel, through 4.15.7, allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.

Find out more about CVE-2018-7740 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.

CVSS3 Base Score 4.4
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity High
Privileges Required Low
User Interaction Required
Scope Unchanged
Confidentiality None
Integrity Impact None
Availability Impact High

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt) RHSA-2018:3096 2018-10-30
Red Hat Enterprise Linux 7 (kernel) RHSA-2018:3083 2018-10-30

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Affected
Red Hat Enterprise Linux 7 kernel-alt Affected
Red Hat Enterprise Linux 6 kernel Not affected
Red Hat Enterprise Linux 5 kernel Not affected
Last Modified