Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2183

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2011-2183
Last Modified 14 Jun 2012 12:00:00
Published 13 Jun 2012 06:24:54
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2011-2183

Summary

Race condition in the scan_get_next_rmap_item function in mm/ksm.c in the Linux kernel before 2.6.39.3, when Kernel SamePage Merging (KSM) is enabled, allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted application.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.39

  • Linux Kernel 2.6.39.1

  • Linux Kernel 2.6.39.2


References

CONFIRM - https://github.com/torvalds/linux/commit/2b472611a32a72f4a118c069c2d62a1a3f087afd

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2b472611a32a72f4a118c069c2d62a1a3f087afd

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=710338

MLIST - [oss-security] 20110606 Re: CVE request: kernel: ksm: race between ksmd and exiting task

CONFIRM - http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3

Related Patches

Novell SUSE 2011:4884 kernel security update for SLE 11 SP1 i586


Last Updated: 27 May 2016 10:49:38