CVE-2012-3511

Public on 2012-10-04

Modified on 2014-09-14

Description

Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.

Severity

Medium

See what this means

CVSS v3 Base Score

6.2

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory
Amazon Linux 1	kernel	2012-11-20	ALAS-2012-142

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv2	6.2	AV:L/AC:H/Au:N/C:C/I:C/A:C
NVD	CVSSv2	6.2	AV:L/AC:H/Au:N/C:C/I:C/A:C

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2012-3511 Mitre: CVE-2012-3511