Published: 04/10/2012 Updated: 13/02/2023

CVSS v2 Base Score: 6.2 | Impact Score: 10 | Exploitability Score: 1.9

VMScore: 553

Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel prior to 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.0.25
linux linux kernel 3.1.2
linux linux kernel 3.0
linux linux kernel 3.2.19
linux linux kernel 3.0.22
linux linux kernel 3.0.5
linux linux kernel 3.2.18
linux linux kernel 3.3
linux linux kernel 3.1
linux linux kernel 3.2.5
linux linux kernel 3.0.18
linux linux kernel 3.0.6
linux linux kernel 3.0.11
linux linux kernel 3.0.34
linux linux kernel 3.0.32
linux linux kernel 3.2
linux linux kernel 3.2.16
linux linux kernel 3.3.2
linux linux kernel 3.0.19
linux linux kernel 3.0.4
linux linux kernel 3.3.8
linux linux kernel 3.0.27
linux linux kernel 3.3.3
linux linux kernel 3.2.11
linux linux kernel 3.0.23
linux linux kernel 3.2.10
linux linux kernel 3.0.8
linux linux kernel 3.2.14
linux linux kernel 3.3.4
linux linux kernel 3.0.33
linux linux kernel 3.0.28
linux linux kernel 3.3.6
linux linux kernel 3.4
linux linux kernel 3.2.4
linux linux kernel 3.0.13
linux linux kernel 3.4.3
linux linux kernel 3.2.9
linux linux kernel 3.0.10
linux linux kernel 3.2.15
linux linux kernel 3.0.1
linux linux kernel 3.1.6
linux linux kernel 3.2.20
linux linux kernel 3.2.6
linux linux kernel 3.2.2
linux linux kernel
linux linux kernel 3.0.17
linux linux kernel 3.1.3
linux linux kernel 3.1.9
linux linux kernel 3.0.16
linux linux kernel 3.2.13
linux linux kernel 3.0.21
linux linux kernel 3.0.7
linux linux kernel 3.1.5
linux linux kernel 3.1.8
linux linux kernel 3.2.1
linux linux kernel 3.2.7
linux linux kernel 3.0.20
linux linux kernel 3.0.24
linux linux kernel 3.3.5
linux linux kernel 3.0.15
linux linux kernel 3.0.2
linux linux kernel 3.4.2
linux linux kernel 3.1.7
linux linux kernel 3.1.1
linux linux kernel 3.4.1
linux linux kernel 3.3.7
linux linux kernel 3.0.12
linux linux kernel 3.2.17
linux linux kernel 3.2.8
linux linux kernel 3.1.10
linux linux kernel 3.3.1
linux linux kernel 3.0.3
linux linux kernel 3.0.9
linux linux kernel 3.0.26
linux linux kernel 3.1.4
linux linux kernel 3.0.30
linux linux kernel 3.0.31
linux linux kernel 3.0.29
linux linux kernel 3.2.12
linux linux kernel 3.0.14
linux linux kernel 3.2.3

Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix multiple security issues and several bugsare now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix several security issues and multiplebugs are now available for Red Hat Enterprise MRG 22The Red Hat Security Response Team has rated this update as havingimportant ...

Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix multiple security issues and several bugsare now available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity ...

A use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges (CVE-2012-2133, Moderate) A use-after-free flaw was found in the madvise() system call imple ...

Several security issues were fixed in the kernel ...

CWE-362 https://github.com/torvalds/linux/commit/9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb http://www.openwall.com/lists/oss-security/2012/08/20/13 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5 https://bugzilla.redhat.com/show_bug.cgi?id=849734 http://www.ubuntu.com/usn/USN-1567-1 http://www.ubuntu.com/usn/USN-1572-1 http://ubuntu.com/usn/usn-1529-1 http://www.ubuntu.com/usn/USN-1577-1 http://www.securityfocus.com/bid/55151 http://secunia.com/advisories/50633 http://secunia.com/advisories/50732 http://secunia.com/advisories/55055 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2012:1426 https://usn.ubuntu.com/1577-1/https://alas.aws.amazon.com/ALAS-2012-142.html

CVE-2012-3511

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect