CVE-2018-10675 kernel: Use-after-free vulnerability in mm/mempolicy.c:do_get_mempolicy

CVE ID

CVE-2018-10675

DESCRIPTION

The do_get_mempolicy() function in mm/mempolicy.c in the Linux kernel allows local users to hit a use-after-free bug via crafted system calls and thus cause a denial of service (DoS) or possibly have unspecified other impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

CVSS3 Base Score  7.8 High



 

RESOLUTION

Resolution:
Apply Unitrends security update v10.29 from 07/27/2018 or later,
    containing kernel-2.6.32-754.2.1.el6

LINK TO ADVISORIES

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us