Published: 04/04/2011 Updated: 12/08/2020

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

VMScore: 495

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

The epoll implementation in the Linux kernel 2.6.37.2 and previous versions does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
suse linux enterprise desktop 11
suse linux enterprise server 11
redhat enterprise linux desktop 6.0
redhat enterprise linux server 6.0
redhat enterprise linux workstation 6.0

Synopsis Moderate: Red Hat Enterprise Linux 6 kernel security, bug fix and enhancement update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix two security issues, address severalhundred bugs and add numerous enhancements are now available as part of theongoing support and ma ...

Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix one security issue and multiple bugs arenow available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity impa ...

Synopsis Moderate: Red Hat Enterprise Linux 58 kernel update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix one security issue, address severalhundred bugs, and add numerous enhancements are now available as part ofthe ongoing support and maintenance of Red Hat Enterprise ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix two security issues and several bugs arenow available for Red Hat Enterprise Linux 62 Extended Update SupportThe Red Hat Security Response Team has rated this update as ...

A flaw was found in the way the Linux kernel's Event Poll (epoll) subsystem handled large, nested epoll structures A local, unprivileged user could use this flaw to cause a denial of service A malicious Network File System version 4 (NFSv4) server could return a crafted reply to a GETACL request, causing a denial of service on the client The rds ...

The epoll implementation in the Linux kernel 26372 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeopsc in ...

/* source: wwwsecurityfocuscom/bid/46630/info The Linux Kernel epoll Subsystem is prone to multiple local denial-of-service vulnerabilities Successful exploits will allow attackers to cause the kernel to hang, denying service to legitimate users */ #include <unistdh> #include <sys/epollh> int main(void) { int e1 ...

CWE-400 http://article.gmane.org/gmane.linux.kernel/1105744 http://openwall.com/lists/oss-security/2011/03/02/2 http://article.gmane.org/gmane.linux.kernel/1106686 http://openwall.com/lists/oss-security/2011/03/02/1 https://bugzilla.redhat.com/show_bug.cgi?id=681578 http://secunia.com/advisories/43522 http://www.osvdb.org/71265 http://article.gmane.org/gmane.linux.kernel/1105888 http://rhn.redhat.com/errata/RHSA-2012-0862.html http://secunia.com/advisories/48898 http://secunia.com/advisories/48964 http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html http://secunia.com/advisories/48410 http://secunia.com/advisories/48115 https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2012:0862 https://www.exploit-db.com/exploits/35403/https://alas.aws.amazon.com/ALAS-2012-100.html

CVE-2011-1083

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect