Lucene search

[email protected]CVE-2011-1082

HistoryApr 04, 2011 - 12:27 p.m.

CVE-2011-1082

2011-04-0412:27:00

CWE-400

[email protected]

web.nvd.nist.gov

linux

kernel

cve-2011-1082

denial of service

vulnerability

nvd

7.5 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

8.8%

JSON

fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt2.6.38

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	2.6.38

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=22bacca48a1755f79b7e0f192ddb9fbb7fc6e64e

openwall.com/lists/oss-security/2011/03/02/1

openwall.com/lists/oss-security/2011/03/02/2

www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38

bugzilla.redhat.com/show_bug.cgi?id=681575

lkml.org/lkml/2011/2/5/220

Social References

7.5 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

8.8%

JSON

Related for CVE-2011-1082

veracode1 prion1 ubuntucve1 seebug1 securityvulns2 nessus17 openvas20 oraclelinux2 redhat2 suse4 ubuntu6 packetstorm1