kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact

The dogetmempolicy function in mm/mempolicy.c in the Linux kernel allows local users to hit a use-after-free bug via crafted system calls and thus cause a denial of service DoS or possibly have unspecified other impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out...

Important: kernel

Issue Overview: A weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. CVE-2018-1108 A flaw was found in the way the Linux kernel handled exceptions...

PT-2018-2218 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.12.9 Description: The issue is related to the do get mempolicy function in the Linux kernel, which is vulnerable to a use-after-free condition. This can be exploited by local users through specially crafted...

CVE-2005-3053

The syssetmempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a denial of service kernel BUG via a negative first argument...