Hillf Danton

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.3.6 **Description** The issue is related to a use-after-free vulnerability in the Linux kernel. When huge pages are enabled, local users can cause a denial of service, potentially leading to a system crash, or possibly gain privileges. This can be achieved by interacting with a hugetlbfs filesystem. An example of triggering this issue is through a umount operation that improperly handles quota data. **Recommendations** For Linux kernel versions prior to 3.3.6, update to version 3.3.6 or later to resolve the issue. As a temporary workaround, consider disabling huge pages to minimize the risk of exploitation. Restrict access to hugetlbfs filesystems to reduce the potential for privilege escalation.