CVE-2010-4169
Published: 22 November 2010
Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors involving an mprotect system call.
From the Ubuntu security team
Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service.
Priority
Status
Notes
Author | Note |
---|---|
mdeslaur | introduced in dab5855 |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4169
- https://usn.ubuntu.com/usn/usn-1054-1
- https://usn.ubuntu.com/usn/usn-1073-1
- https://usn.ubuntu.com/usn/usn-1074-1
- https://usn.ubuntu.com/usn/usn-1074-2
- https://usn.ubuntu.com/usn/usn-1083-1
- https://usn.ubuntu.com/usn/usn-1093-1
- https://usn.ubuntu.com/usn/usn-1167-1
- https://usn.ubuntu.com/usn/usn-1202-1
- NVD
- Launchpad
- Debian