|Description||The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call.|
|Source||CVE (at NVD; LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)|
|References||DSA-1067-1, DSA-1069-1, DSA-1070-1, DSA-1082-1|
|NVD severity||low (attack range: local)|
The information below is based on the following data on fixed versions.
- linux-2.6 <not-affected> (Fixed before upload of linux-2.6 package into the archive; 2.6.6)
- kernel-source-2.4.27 <not-affected> (Fixed before upload of package into the archive; 2.4.26)