oss-sec mailing list archives

Re: CVE request: kernel: Multiple DoS issues in epoll

From: Petr Matousek <pmatouse () redhat com>
Date: Wed, 2 Mar 2011 08:57:27 -0500 (EST)

----- Original Message -----

Two requests for bugs in epoll:

(1) The epoll subsystem in Linux did not prevent users from creating
circular
epoll file structures, potentially leading to a denial of service
(kernel
deadlock).

Reference: https://lkml.org/lkml/2011/2/5/220
Upstream commit:
http://git.kernel.org/linus/22bacca48a1755f79b7e0f192ddb9fbb7fc6e64e


Please use CVE-2011-1082.

(2) The epoll subsystem allows users to create large nested epoll
structures,
which the kernel will then to walk with preemption disabled, causing a
denial of
service via excessive CPU consumption in the kernel.

References:
http://thread.gmane.org/gmane.linux.kernel/1105744
http://thread.gmane.org/gmane.linux.kernel/1105744/focus=1105888

No upstream fix yet for this one.


Please use CVE-2011-1083.

Thank you,
--
Petr Matousek / Red Hat Security Response Team

Current thread:

CVE request: kernel: Multiple DoS issues in epoll Nelson Elhage (Mar 01)
- Re: CVE request: kernel: Multiple DoS issues in epoll Petr Matousek (Mar 02)