CVE-2018-1000200
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
05/06/2018
Last modified:
31/10/2018
Description
The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper's unmap_page_range() since the vma's VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked).
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Base Score 2.0
4.90
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:4.14:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:4.15:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:4.16:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://seclists.org/oss-sec/2018/q2/67
- http://www.securityfocus.com/bid/104397
- https://access.redhat.com/errata/RHSA-2018:2948
- https://access.redhat.com/security/cve/cve-2018-1000200
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a
- https://marc.info/?l=linux-kernel&m=152400522806945
- https://marc.info/?l=linux-kernel&m=152460926619256
- https://usn.ubuntu.com/3752-1/
- https://usn.ubuntu.com/3752-2/
- https://usn.ubuntu.com/3752-3/