CVE-2011-2183

Linux Kernel < 2.6.39.3 - Race Condition in KSM scan_get_next_rmap_item

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-2183. PoCs published by Andrea Righi.

AI-analyzed exploit summary: This exploit triggers a local denial-of-service (DoS) in the Linux kernel by leveraging the MADV_MERGEABLE madvise flag and a NULL pointer dereference. It causes a kernel crash by writing to a NULL address after setting up a mergeable memory region.

Description

Race condition in the scan_get_next_rmap_item function in mm/ksm.c in the Linux kernel before 2.6.39.3, when Kernel SamePage Merging (KSM) is enabled, allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted application.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Andrea Righi · cdoslinux
https://www.exploit-db.com/exploits/35820

Classification: Working PoC 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Linux kernel (versions affected by CVE-2011-2183)
No auth needed
Prerequisites: Local access to the target system · Ability to execute arbitrary code
devstral-2 · analyzed Feb 16, 2026

Scores

EPSS 0.0054
EPSS Percentile 41.0%

Details

CWE CWE-362
Status published
Products (3)
linux/linux_kernel 2.6.39 (8 CPE variants)
linux/linux_kernel 2.6.39.1
linux/linux_kernel < 2.6.39.2
Published Jun 13, 2012
Tracked Since Feb 18, 2026