oss-sec mailing list archives
CVE request: kernel: Multiple DoS issues in epoll
From: Nelson Elhage <nelhage () ksplice com>
Date: Tue, 1 Mar 2011 20:56:46 -0500
Two requests for bugs in epoll: (1) The epoll subsystem in Linux did not prevent users from creating circular epoll file structures, potentially leading to a denial of service (kernel deadlock). Reference: https://lkml.org/lkml/2011/2/5/220 Upstream commit: http://git.kernel.org/linus/22bacca48a1755f79b7e0f192ddb9fbb7fc6e64e (2) The epoll subsystem allows users to create large nested epoll structures, which the kernel will then to walk with preemption disabled, causing a denial of service via excessive CPU consumption in the kernel. References: http://thread.gmane.org/gmane.linux.kernel/1105744 http://thread.gmane.org/gmane.linux.kernel/1105744/focus=1105888 No upstream fix yet for this one. - Nelson
Current thread:
- CVE request: kernel: Multiple DoS issues in epoll Nelson Elhage (Mar 01)
- Re: CVE request: kernel: Multiple DoS issues in epoll Petr Matousek (Mar 02)