Date: Mon, 14 May 2018 14:35:14 -0700 (PDT) From: David Rientjes <rientjes@...gle.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2018-1000200 (Linux): Bad memory access on oom kill of large mlocked process On Tue, 24 Apr 2018, David Rientjes wrote: > Hi all, > > Out of memory (oom) killing a process that has large spans of mlocked > memory can result in a bad memory access or a NULL pointer dereference due > to concurrent memory unmapping by the oom reaper kernel thread. > > This affects Linux 4.14, 4.15, and 4.16. > The fix for this has been merged into 4.17-rc5 as commit 27ae357fa82b ("mm, oom: fix concurrent munlock and oom reaper unmap, v3"), see https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a Furthermore, it has been staged for inclusion in both the 4.14 and 4.16 stable kernels.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ