In the Linux kernel prior to 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for malicious users to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
debian debian linux 8.0 |
||
redhat enterprise linux 7.0 |
||
redhat enterprise linux 8.0 |
||
opensuse leap 42.3 |
||
opensuse leap 15.0 |
||
canonical ubuntu linux 18.10 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 12.04 |