Your submission was sent successfully! Close

CVE-2011-2498

Published: 28 June 2011

The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

From the Ubuntu security team

The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.39~rc6)
Patches:
Introduced by a63d83f427fbce97a6cea0db2e64b0eb8435cd10
Fixed by f755a042d82b51b54f3bdd0890e5ea56c0fb6807
linux-armadaxp
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.39~rc6)
linux-ec2
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.39~rc6)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.39~rc6)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.39~rc6)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.39~rc6)
linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.39~rc6)
linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.39~rc6)
linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.39~rc6)