vulnerability
Ubuntu: (CVE-2016-10723): linux-hwe vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:N/I:N/A:C) | Jun 21, 2018 | Nov 19, 2024 | Sep 1, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:C)
Published
Jun 21, 2018
Added
Nov 19, 2024
Modified
Sep 1, 2025
Description
An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up the system forever by wasting CPU resources from the page allocator (e.g., via concurrent page fault events) when the global OOM killer is invoked. NOTE: the software maintainer has not accepted certain proposed patches, in part because of a viewpoint that "the underlying problem is non-trivial to handle.
Solutions
ubuntu-upgrade-linux-gcpubuntu-upgrade-linux-gcp-edgeubuntu-upgrade-linux-hweubuntu-upgrade-linux-oracle
References
- CVE-2016-10723
- https://attackerkb.com/topics/CVE-2016-10723
- URL-https://lore.kernel.org/lkml/[email protected]/
- URL-https://lore.kernel.org/lkml/[email protected]/
- URL-https://patchwork.kernel.org/patch/10395909/
- URL-https://patchwork.kernel.org/patch/9842889/
- URL-https://www.cve.org/CVERecord?id=CVE-2016-10723
- URL-https://www.spinics.net/lists/linux-mm/msg117896.html
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.