Linux Kernel File Lock Local Denial Of Service Vulnerability
BID:12949
Info
Linux Kernel File Lock Local Denial Of Service Vulnerability
| Bugtraq ID: | 12949 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 30 2005 12:00AM |
| Updated: | Mar 30 2005 12:00AM |
| Credit: | ChoiX [Unl0ck Team] is credited with the disclosure of this issue. |
| Vulnerable: |
Linux kernel 2.6.10 |
| Not Vulnerable: | |
Discussion
Linux Kernel File Lock Local Denial Of Service Vulnerability
A local denial of service vulnerability reportedly affects the Linux kernel. This issue arises due to a failure of the kernel to properly handle malicious, excessive file locks.
An attacker may leverage this issue to crash or hang the affected kernel and deny service to legitimate users.
It should be noted that Symantec has been unable to reproduce this issue after testing. It is possible that this vulnerability is linked to the reporter's specific configuration. More information will be added as it becomes available.
A local denial of service vulnerability reportedly affects the Linux kernel. This issue arises due to a failure of the kernel to properly handle malicious, excessive file locks.
An attacker may leverage this issue to crash or hang the affected kernel and deny service to legitimate users.
It should be noted that Symantec has been unable to reproduce this issue after testing. It is possible that this vulnerability is linked to the reporter's specific configuration. More information will be added as it becomes available.
Exploit / POC
Linux Kernel File Lock Local Denial Of Service Vulnerability
The following exploit has been made available:
The following exploit has been made available:
Solution / Fix
Linux Kernel File Lock Local Denial Of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Linux Kernel File Lock Local Denial Of Service Vulnerability
References:
References:
- kernel.org Homepage. (Linux Kernel)