Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 14 May 2018 14:35:14 -0700 (PDT)
From: David Rientjes <>
Subject: Re: CVE-2018-1000200 (Linux): Bad memory access on oom kill of large
 mlocked process

On Tue, 24 Apr 2018, David Rientjes wrote:

> Hi all,
> Out of memory (oom) killing a process that has large spans of mlocked 
> memory can result in a bad memory access or a NULL pointer dereference due 
> to concurrent memory unmapping by the oom reaper kernel thread.
> This affects Linux 4.14, 4.15, and 4.16.

The fix for this has been merged into 4.17-rc5 as commit 27ae357fa82b 
("mm, oom: fix concurrent munlock and oom reaper unmap, v3"), see

Furthermore, it has been staged for inclusion in both the 4.14 and 4.16 
stable kernels.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.