Published: 02/05/2005 Updated: 05/09/2008

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 215

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function but exits without running io_queue_release, which causes exit_aio and is_hugepage_only_range to fail.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6.11

// // Proof of Concept by Daniel McNeil // compile using cc -o aiodio_read aiodio_readc -laio // #define _XOPEN_SOURCE 600 #define _GNU_SOURCE #include <unistdh> #include <stdlibh> #include <stdioh> #include <stringh> #include <errnoh> #include <sys/fcntlh> #include <sys/mmanh> #include ...

NVD-CWE-Other http://groups-beta.google.com/group/linux.kernel/browse_thread/thread/13b43bd5783842f6/7ce3c5a514a497ab?q=io_queue_init&rnum=3#7ce3c5a514a497ab http://linux.bkbits.net:8080/linux-2.6/cset%404248c8c0es30_4YVdwa6vteKi7h_nw http://www.novell.com/linux/security/advisories/2005_50_kernel.html http://www.securityfocus.com/bid/12987 https://nvd.nist.gov https://www.exploit-db.com/exploits/911/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-0916

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect