tmpwatch: local DoS : fork()bomb as root

sent through bugzilla.redhat.com no reply from responsible person. here it goes. Local DoS in /usr/sbin/tmpwatch. root forkbombs himself. tmpwatch is a bad boy Summary Local people can stop things working, and force you to reboot.  Longer summary Any user with write access to /tmp or /var/tmp ca...

PT-2013-6331 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.15.4 Description: The issue is related to the Linux kernel's handling of non-canonical values for the saved RIP address in system calls that do not use IRET. This can allow local users to leverage a race...