Vigil@nce - Linux kernel: denial of service via Hugepage Migration
June 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can migrate huge pages of the Linux kernel, in order
to trigger a denial of service.
Impacted products: Linux
Severity: 1/4
Creation date: 03/06/2014
DESCRIPTION OF THE VULNERABILITY
Memory pages usually have a size of 4kbytes. In order to limit the
number of memory addresses conversions, the kernel supports huge
pages, with a size up to 16Mbytes.
However, when two threads move huge pages, the kernel tries to use
uninitialized data.
An attacker can therefore migrate huge pages of the Linux kernel,
in order to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-Hugepage-Migration-14830