Race Condition in Linux Kernel's Memory Management Subsystem Allows for System Crash and Kernel Information Leak

Race Condition in Linux Kernel's Memory Management Subsystem Allows for System Crash and Kernel Information Leak

CVE-2023-4611 · MEDIUM Severity

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H

A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak.

Learn more about our Cis Benchmark Audit For Bind.