CVE-2012-3511
Published: 24 August 2012
Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.
From the Ubuntu security team
A flaw was discovered in the madvise feature of the Linux kernel's memory subsystem. An unprivileged local use could exploit the flaw to cause a denial of service (crash the system).
Priority
Status
Notes
Author | Note |
---|---|
jdstrand | linux-armadaxp is maintained by OEM |
sbeattie | introduced in http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=90ed52ebe48181d3c5427b3bd1d24f659e7575ad |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3511
- http://seclists.org/oss-sec/2012/q3/256
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb
- https://ubuntu.com/security/notices/USN-1567-1
- https://ubuntu.com/security/notices/USN-1572-1
- https://ubuntu.com/security/notices/USN-1573-1
- https://ubuntu.com/security/notices/USN-1574-1
- https://ubuntu.com/security/notices/USN-1260-1
- https://ubuntu.com/security/notices/USN-1529-1
- https://ubuntu.com/security/notices/USN-1533-1
- https://ubuntu.com/security/notices/USN-1532-1
- https://ubuntu.com/security/notices/USN-1514-1
- https://ubuntu.com/security/notices/USN-1577-1
- https://ubuntu.com/security/notices/USN-1539-1
- NVD
- Launchpad
- Debian