Main Vulnerability Database SB2020022031

SB2020022031 - Input validation error in Linux kernel

Published: February 20, 2020 Updated: August 8, 2020

Security Bulletin ID SB2020022031

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Input validation error (CVE-ID: CVE-2011-2498)

The vulnerability allows a local authenticated user to perform a denial of service (DoS) attack.

The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

Remediation

Install update from vendor's website.

References

http://marc.info/?l=oss-security&m=130923704824984&w=2
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-2498.html
https://security-tracker.debian.org/tracker/CVE-2011-2498
https://usn.ubuntu.com/1167-1/
https://www.rapid7.com/db/vulnerabilities/ubuntu-USN-1383-1