CVE-2001-0907

Linux Kernel < 2.2.19 - Denial of Service

Title source: rule

Description

Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows local users to cause a denial of service via a series of deeply nested symlinks, which causes the kernel to spend extra time when trying to access the link.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nergal · bashdoslinux

https://www.exploit-db.com/exploits/21122

View Code ZIP pw:eip

References (10)

[Broken Link] ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-036.0.txt

[Broken Link] http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-035-01

[Third Party Advisory] http://frontal2.mandriva.com/security/advisories?name=MDKSA-2001:079

[Mailing List, Third Party Advisory] http://marc.info/?l=bugtraq&m=100343090106914&w=2

[Mailing List, Third Party Advisory] http://marc.info/?l=bugtraq&m=100350685431610&w=2

[Broken Link] http://www.iss.net/security_center/static/7312.php

[Broken Link] http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3

[Third Party Advisory] http://www.linuxsecurity.com/advisories/other_advisory-1650.html

[Broken Link] http://www.novell.com/linux/security/advisories/2001_036_kernel_txt.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/3444

Scores

EPSS 0.0022

EPSS Percentile 44.8%

Classification

Status draft

Affected Products (1)

linux/linux_kernel < 2.2.19

Timeline

Published Oct 18, 2001

Tracked Since Feb 18, 2026