4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
9.8%
The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x
allows local users to cause a denial of service (memory consumption) and
possibly bypass memory limits or cause other processes to be killed by
creating a large number of posix timers, which are allocated in kernel
memory but are not treated as part of the process’ memory.
Author | Note |
---|---|
kees | no upstream fix, should be managed with ulimit instead |