Bug 416977 (CVE-2012-2373)

Summary:	Kernel mmap_sem Denial of Service Vulnerability (CVE-2012-2373)
Product:	Gentoo Security	Reporter:	the_eccentric
Component:	Kernel	Assignee:	Gentoo Kernel Security <security-kernel>
Status:	RESOLVED OBSOLETE
Severity:	minor	CC:	kernel
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://permalink.gmane.org/gmane.linux.kernel.mm/78590
Whiteboard:
Package list:		Runtime testing required:	---

Description the_eccentric 2012-05-21 21:16:08 UTC

Linux Kernel mmap_sem Denial of Service Vulnerability
The vulnerability is caused due to a race condition error when holding the mmap_sem lock for reading and can be exploited to cause a crash. This should be a longstanding bug affecting x86 32bit PAE without
THP. Only archs with 64bit large pmd_t and 32bit unsigned long should
be affected.

Reproducible: Always

Comment 1 Tim Sammut (RETIRED) gentoo-dev

2012-05-23 06:04:22 UTC

@kernel, would you mind determining if this affects stable versions of in-tree kernels? Tnx muchly.

Comment 2 Aaron Bauman (RETIRED) gentoo-dev

2018-04-04 18:12:09 UTC

There are no longer any 2.x or <3.4.5 kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.