CVE-2013-0309Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer15 documents7 sources
Severity
4.7MEDIUMNVD
EPSS
0.1%
top 79.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Linux KernelDebian LinuxRedhat Enterprise Linux
Timeline
PublishedFeb 22
Latest updateMay 5

Description

arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application.

CVSS vector

AV:L/AC:M/C:N/I:N/A:CExploitability: 3.4 | Impact: 6.9

Affected Packages3 packages

Debianlinux/linux_kernel< 3.2.32-1+3
NVDlinux/linux_kernel3.6.1+125
debiandebian/linux< linux 3.2.32-1 (bookworm)

Also affects: Enterprise Linux 6.0

🔴Vulnerability Details

2
GHSA
GHSA-pwmw-wxq4-vr2f: arch/x86/include/asm/pgtable2022-05-05
OSV
CVE-2013-0309: arch/x86/include/asm/pgtable2013-02-22

📋Vendor Advisories

11
Ubuntu
Linux kernel (EC2) vulnerabilities2013-03-22
Ubuntu
Linux kernel vulnerabilities2013-03-22
Red Hat
kernel: mm: thp: pmd_present and PROT_NONE local DoS2013-02-19
Debian
CVE-2013-0309: linux - arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparen...2013
Ubuntu
Linux kernel vulnerabilities2012-11-30

💬Community

1
Bugzilla
CVE-2013-0309 kernel: mm: thp: pmd_present and PROT_NONE local DoS2013-02-19