CVE-2011-2496

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2011-2496
Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping.

4.9 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 3.9 / Impact : 6.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References
Link Resource
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=982134ba62618c2d69fbbbd166d0a11ee3b7e3d8
http://www.openwall.com/lists/oss-security/2011/06/27/2
https://bugzilla.redhat.com/show_bug.cgi?id=716538
https://github.com/torvalds/linux/commit/982134ba62618c2d69fbbbd166d0a11ee3b7e3d8 Exploit Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38:rc8:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.38.7:*:*:*:*:*:*:*
History

13 Feb 2023, 01:19

Type Values Removed Values Added
References
  • {'url': 'http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=982134ba62618c2d69fbbbd166d0a11ee3b7e3d8', 'name': 'http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=982134ba62618c2d69fbbbd166d0a11ee3b7e3d8', 'tags': ['Patch'], 'refsource': 'CONFIRM'}
  • (MISC) http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=982134ba62618c2d69fbbbd166d0a11ee3b7e3d8 -
Information

Published : 2012-06-13 10:24

Updated : 2023-12-10 11:16

NVD link : CVE-2011-2496

Mitre link : CVE-2011-2496

CVE.ORG link : CVE-2011-2496

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-189

Numeric Errors