CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:N/I:N/A:C
AI Score
Confidence
High
EPSS
Percentile
5.1%
The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:x86:* |
linux | linux_kernel | 3.4 | cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:x86:* |
linux | linux_kernel | 3.4 | cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:x86:* |
linux | linux_kernel | 3.4 | cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:x86:* |
linux | linux_kernel | 3.4 | cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:x86:* |
linux | linux_kernel | 3.4 | cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:x86:* |
linux | linux_kernel | 3.4 | cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:x86:* |
linux | linux_kernel | 3.4 | cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:x86:* |
linux | linux_kernel | 3.4 | cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:x86:* |
linux | linux_kernel | 3.4.1 | cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:x86:* |
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26c191788f18129af0eb32a358cdaea0c7479626
marc.info/?l=bugtraq&m=139447903326211&w=2
rhn.redhat.com/errata/RHSA-2012-0743.html
ubuntu.com/usn/usn-1529-1
www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5
www.openwall.com/lists/oss-security/2012/05/18/11
bugzilla.redhat.com/show_bug.cgi?id=822821
github.com/torvalds/linux/commit/26c191788f18129af0eb32a358cdaea0c7479626