CVE-2011-1474

Published: Dec 26, 2019Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

A locally locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown triggered by programs doing an mmap after a MAP_GROWSDOWN mmap will create an infinite loop condition without releasing the VM semaphore eventually leading to a system crash.

Affected (3)

Products: Linux: Linux Kernel

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Version 2.6.32.33 test79
Linux Linux Kernel	Version 2.6.37.4 test14
Linux Linux Kernel	Version 2.6.38 test3

Related CWEs

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

References (4)

http://seclists.org/oss-sec/2011/q1/579

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://security-tracker.debian.org/tracker/CVE-2011-1474

Source: cve@mitre.org

Third Party Advisory

http://seclists.org/oss-sec/2011/q1/579

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://security-tracker.debian.org/tracker/CVE-2011-1474

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.