Upstream information
Description
The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users to cause a denial of service (memory consumption) via a large number of calls to the get_user_pages function, which lacks a ZERO_PAGE optimization and results in allocation of "useless newly zeroed pages."SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 4.9 |
| Vector | AV:L/AC:L/Au:N/C:N/I:N/A:C |
| Access Vector | Local |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | Complete |
SUSE Security Advisories:
- SUSE-SA:2008:035, published Mon, 21 Jul 2008 10:00:00 +0000
- SUSE-SA:2008:037, published Tue, 22 Jul 2008 17:00:00 +0000
- SUSE-SA:2008:038, published Tue, 29 Jul 2008 16:00:00 +0000
SUSE Timeline for this CVE
CVE page created: Tue Jul 9 15:53:52 2013CVE page last modified: Fri Dec 8 16:26:27 2023