Red Hat Bugzilla – Bug 849722
CVE-2012-3510 kernel: taskstats: use-after-free in xacct_add_tsk()
Last modified: 2016-03-04 06:00:44 EST
An use-after-free flaw has been found in the way taskstat's TASKSTATS_CMD_ATTR_PID command and exiting tasks with already freed mm interacted. An unprivileged local user could use this flaw to crash the system or leak kernel memory.
Red Hat would like to thank Alexander Peslyak for reporting this issue.
This issue did not affect the versions of the Linux kernel as shipped with Red
Hat Enterprise Linux 6 and Red Hat Enterprise MRG as they already contain
upstream commit f0ec1aaf54cadd that fixed this issue.
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2012:1323 https://rhn.redhat.com/errata/RHSA-2012-1323.html