CVE-2008-2372
CVE-2008-2372
The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users to cause a denial of service (memory consumption) via a large number of calls to the get_user_pages function, which lacks a ZERO_PAGE optimization and results in allocation of "useless newly zeroed pages."
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=89f5b7da2a6bad2e84670422ab8192382a5aeb9fhttp://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.9http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.htmlhttp://new-ubuntu-news.blogspot.com/2008/06/re-pending-stable-kernel-security_25.htmlhttp://secunia.com/advisories/30901http://secunia.com/advisories/30982http://secunia.com/advisories/31202http://secunia.com/advisories/31628http://secunia.com/advisories/32393http://secunia.com/advisories/32485