CVE-2011-4097

kernel: oom_badness() integer overflow

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termination) by using a certain large amount of memory.

Desbordamiento de entero en la función oom_badness en mm/oom_kill.c en el núcleo de Linux anteriores a v3.1.8 en plataformas de 64 bits, que permite a usuarios locales causar una denegación de servicio (consumo de memoria y terminación del proceso) mediante el uso de una cierta cantidad grande de memoria.

Updates have been made to the Linux kernel. SG_IO ioctl SCSI requests on partitions or LVM volumes could be passed to the underlying block device, allowing a privileged user to bypass restrictions and gain read and write access to the entire block device. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. A local, unprivileged user could use a flaw in the Performance Events implementation to cause a denial of service. Various other issues have also been addressed.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-10-18 CVE Reserved
2012-02-24 CVE Published
2024-08-06 CVE Updated
2024-08-06 First Exploit
2025-05-03 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-190: Integer Overflow or Wraparound

CAPEC

References (5)

URL	Tag	Source

URL	Date	SRC
http://www.openwall.com/lists/oss-security/2011/11/01/2	2024-08-06
https://bugzilla.redhat.com/show_bug.cgi?id=750399	2024-08-06
https://github.com/torvalds/linux/commit/56c6a8a4aadca809e04276eabe5552935c51387f	2024-08-06

URL	Date	SRC
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.8	2023-02-13

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2011-4097	2012-02-23

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 3.1.8 Search vendor "Linux" for product "Linux Kernel" and version " < 3.1.8"		x64		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				6.0 Search vendor "Redhat" for product "Enterprise Linux" and version "6.0"		-		Affected