CVE-2012-2373
Published: 18 May 2012
The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition.
From the Ubuntu security team
Ulrich Obergfell discovered an error in the Linux kernel's memory management subsystem on 32 bit PAE systems with more than 4GB of memory installed. A local unprivileged user could exploit this flaw to crash the system.
Priority
Status
Notes
Author | Note |
---|---|
jdstrand | linux-armadaxp is maintained by OEM |
henrix | Lucid isn't affected (vulnerable code isn't present) confirmed Debian stable kernel and they tag it as not affected as well |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2373
- http://www.openwall.com/lists/oss-security/2012/05/18/5
- https://ubuntu.com/security/notices/USN-1529-1
- https://ubuntu.com/security/notices/USN-1533-1
- https://ubuntu.com/security/notices/USN-1532-1
- https://ubuntu.com/security/notices/USN-1514-1
- https://ubuntu.com/security/notices/USN-1539-1
- NVD
- Launchpad
- Debian