CVE-2013-1767 Kernel: tmpfs: fix use-after-free of mempolicy object

Solution Unverified - Updated -

Issue

The MITRE CVE dictionary describes this issue as:

Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option.

Have Red Hat addressed this vulnerability in RHEL?

Environment

  • Red Hat Enterprise Linux (RHEL) 6
  • Red Hat MRG 2 (kernel-rt)

Please note, this issue does not affect RHEL 5.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In