CVE-2018-7740

Description

The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.

Risk Information

Base Score

5.5

MODERATE

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

0.09

Associated Vulnerability

Vulnerability	OS Platform
Linux kernel (USN-3910-1) linux-image-aws_4.4.0.1077.80_amd64.deb	Linux
Linux kernel (USN-3910-1) linux-image-kvm_4.4.0.1041.41_amd64.deb	Linux
Linux kernel (USN-3910-1) linux-image-generic_4.4.0.143.151_i386.deb	Linux
Linux kernel (USN-3910-1) linux-image-generic_4.4.0.143.151_amd64.deb	Linux
Linux kernel (USN-3910-1) linux-image-virtual_4.4.0.143.151_i386.deb	Linux
Linux kernel (USN-3910-1) linux-image-virtual_4.4.0.143.151_amd64.deb	Linux
Linux kernel (USN-3910-1) linux-image-lowlatency_4.4.0.143.151_i386.deb	Linux
Linux kernel (USN-3910-1) linux-image-lowlatency_4.4.0.143.151_amd64.deb	Linux
Linux kernel (USN-3910-1) linux-image-4.4.0-1041-kvm_4.4.0-1041.47_amd64.deb	Linux
Linux kernel (USN-3910-1) linux-image-4.4.0-1077-aws_4.4.0-1077.87_amd64.deb	Linux
Linux kernel (USN-3910-1) linux-image-4.4.0-143-generic_4.4.0-143.169_i386.deb	Linux
Linux kernel (USN-3910-1) linux-image-4.4.0-143-generic_4.4.0-143.169_amd64.deb	Linux
Linux kernel (USN-3910-1) linux-image-4.4.0-143-lowlatency_4.4.0-143.169_i386.deb	Linux
Linux kernel (USN-3910-1) linux-image-4.4.0-143-lowlatency_4.4.0-143.169_amd64.deb	Linux
Linux kernel for Amazon Web Services (AWS) systems (USN-3910-2) linux-image-aws_4.4.0.1039.40_amd64.deb	Linux
Linux kernel for Amazon Web Services (AWS) systems (USN-3910-2) linux-image-4.4.0-1039-aws_4.4.0-1039.42_amd64.deb	Linux
Linux kernel for Amazon Web Services (AWS) systems (USN-3910-2) linux-image-4.4.0-143-generic_4.4.0-143.169~14.04.2_i386.deb	Linux
Linux kernel for Amazon Web Services (AWS) systems (USN-3910-2) linux-image-4.4.0-143-generic_4.4.0-143.169~14.04.2_amd64.deb	Linux
Linux kernel for Amazon Web Services (AWS) systems (USN-3910-2) linux-image-4.4.0-143-lowlatency_4.4.0-143.169~14.04.2_i386.deb	Linux
Linux kernel for Amazon Web Services (AWS) systems (USN-3910-2) linux-image-4.4.0-143-lowlatency_4.4.0-143.169~14.04.2_amd64.deb	Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234