CVE-2011-2498
Published: 28 June 2011
The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.
From the Ubuntu security team
The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service.
Priority
Low
CVSS 3 base score: 5.5
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc6)
|
|
Patches: Introduced by a63d83f427fbce97a6cea0db2e64b0eb8435cd10 Fixed by f755a042d82b51b54f3bdd0890e5ea56c0fb6807 |
||
|
linux-armadaxp Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc6)
|
|
linux-ec2 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc6)
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc6)
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc6)
|
|
linux-lts-backport-natty Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc6)
|
|
linux-lts-backport-oneiric Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc6)
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc6)
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc6)
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2498
- http://git.kernel.org/linus/a63d83f427f
- http://git.kernel.org/linus/f755a042d
- https://usn.ubuntu.com/usn/usn-1167-1
- https://usn.ubuntu.com/usn/usn-1380-1
- https://usn.ubuntu.com/usn/usn-1383-1
- https://usn.ubuntu.com/usn/usn-1386-1
- NVD
- Launchpad
- Debian