Bypassing mmap_min_addr Restrictions in Linux Kernel

Bypassing mmap_min_addr Restrictions in Linux Kernel

CVE-2010-4346 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language application.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.