CVE-2009-3888

Linux Kernel <2.6.31.6 - DoS

Title source: llm

Description

The do_mmap_pgoff function in mm/nommu.c in the Linux kernel before 2.6.31.6, when the CPU lacks a memory management unit, allows local users to cause a denial of service (OOPS) via an application that attempts to allocate a large amount of memory.

Exploits (1)

exploitdb STUB VERIFIED

by David Howells · cdoslinux

https://www.exploit-db.com/exploits/10017

View Code ZIP pw:eip

References (5)

[Patch] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=89a8640279f8bb78aaf778d1fc5c4a6778f18064

[Vendor Advisory] http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.6

[Vendor Advisory] http://www.ubuntu.com/usn/usn-864-1

[Mailing List] http://www.openwall.com/lists/oss-security/2009/11/09/2

[Mailing List] http://www.openwall.com/lists/oss-security/2009/11/13/3

Scores

EPSS 0.0012

EPSS Percentile 31.2%

Classification

CWE

CWE-399

Status draft

Affected Products (50)

linux/linux_kernel < 2.6.31.5

linux/linux_kernel

... and 35 more

Timeline

Published Nov 16, 2009

Tracked Since Feb 18, 2026