4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
0.4%
The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not
properly traverse a tree of epoll file descriptors, which allows local
users to cause a denial of service (CPU consumption) via a crafted
application that makes epoll_create and epoll_ctl system calls.
Author | Note |
---|---|
henrix | This has been fixed for a while with 93dc6107a76daed81c07f50215fa6ae77691634f |