Date: Mon, 14 May 2018 14:35:14 -0700 (PDT) From: David Rientjes <rientjes@...gle.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2018-1000200 (Linux): Bad memory access on oom kill of large mlocked process On Tue, 24 Apr 2018, David Rientjes wrote: > Hi all, > > Out of memory (oom) killing a process that has large spans of mlocked > memory can result in a bad memory access or a NULL pointer dereference due > to concurrent memory unmapping by the oom reaper kernel thread. > > This affects Linux 4.14, 4.15, and 4.16. > The fix for this has been merged into 4.17-rc5 as commit 27ae357fa82b ("mm, oom: fix concurrent munlock and oom reaper unmap, v3"), see https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a Furthermore, it has been staged for inclusion in both the 4.14 and 4.16 stable kernels.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.