oss-security - CVE request: kernel: Multiple DoS issues in epoll

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [thread-next>] [day] [month] [year] [list]

Message-ID: <20110302015646.GK5871@ksplice.com>
Date: Tue, 1 Mar 2011 20:56:46 -0500
From: Nelson Elhage <nelhage@...lice.com>
To: oss-security@...ts.openwall.com
Subject: CVE request: kernel: Multiple DoS issues in epoll

Two requests for bugs in epoll:

(1) The epoll subsystem in Linux did not prevent users from creating circular
epoll file structures, potentially leading to a denial of service (kernel
deadlock).

Reference: https://lkml.org/lkml/2011/2/5/220
Upstream commit: http://git.kernel.org/linus/22bacca48a1755f79b7e0f192ddb9fbb7fc6e64e

(2) The epoll subsystem allows users to create large nested epoll structures,
which the kernel will then to walk with preemption disabled, causing a denial of
service via excessive CPU consumption in the kernel.

References:
http://thread.gmane.org/gmane.linux.kernel/1105744
http://thread.gmane.org/gmane.linux.kernel/1105744/focus=1105888

No upstream fix yet for this one.

- Nelson

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.