|Date: (C)2008-07-02 (M)2017-10-04|
|CVSS Score: 4.9||Access Vector: LOCAL|
|Exploitability Subscore: 3.9||Access Complexity: LOW|
|Impact Subscore: 6.9||Authentication: NONE|
| ||Confidentiality: NONE|
| ||Integrity: NONE|
| ||Availability: COMPLETE|
The Linux kernel 2.6.24 and 2.6.25 before 220.127.116.11 allows local users to cause a denial of service (memory consumption) via a large number of calls to the get_user_pages function, which lacks a ZERO_PAGE optimization and results in allocation of "useless newly zeroed pages."