Linux Kernel Use-After-Free Vulnerability in Huge Pages Handling

Linux Kernel Use-After-Free Vulnerability in Huge Pages Handling

CVE-2012-2133 · MEDIUM Severity

AV:L/AC:H/AU:N/C:N/I:N/A:C

Use-after-free vulnerability in the Linux kernel before 3.3.6, when huge pages are enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges by interacting with a hugetlbfs filesystem, as demonstrated by a umount operation that triggers improper handling of quota data.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.