U-210: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service

July 11, 2012 - 7:00am

PROBLEM:

Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service

PLATFORM:

Version(s): 2.6.x

ABSTRACT:

A vulnerability was reported in the Linux Kernel. A local user can cause denial of service conditions.

reference LINKS:

The Vendor's Advisory
SecurityTracker Alert ID: 1027237
SecurityTracker Alert ID: 1027240
Red Hat advisory
CVE-2012-3375

IMPACT ASSESSMENT:

Medium

Discussion:

The Linux kernel's Event Poll (epoll) subsystem does not properly handle resource clean up when an ELOOP error code is returned. A local user can exploit this to cause the target system to crash.

Impact:

A local user can cause the target system to crash.

Solution:

The vendor has issued a fix.
Red Hat advisory, kernel security and bug fix update.

Energy.gov

Office of the Chief Information Officer

Office of the Chief Information Officer

All Offices

You are here

U-210: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service

PROBLEM:

PLATFORM:

ABSTRACT:

reference LINKS:

IMPACT ASSESSMENT:

Discussion:

Impact:

Solution:

JC3 Contact:

Energy.gov

Energy.gov

Office of the Chief Information Officer

Search form

Office of the Chief Information Officer

All Offices

You are here

U-210: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service

Addthis

PROBLEM:

PLATFORM:

ABSTRACT:

reference LINKS:

IMPACT ASSESSMENT:

Discussion:

Impact:

Solution:

Addthis

Related Articles

JC3 Contact:

Energy.gov