CVE-2011-1082

Linux Kernel < 2.6.38 - Denial of Service

Title source: rule

Description

fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nelson Elhage · cdoslinux

https://www.exploit-db.com/exploits/35404

View Code ZIP pw:eip

References (6)

[Patch] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=22bacca48a1755f79b7e0f192ddb9fbb7fc6e64e

[Mailing List, Patch, Third Party Advisory] http://openwall.com/lists/oss-security/2011/03/02/1

[Mailing List, Patch, Third Party Advisory] http://openwall.com/lists/oss-security/2011/03/02/2

[Broken Link] http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38

[Issue Tracking, Patch, Third Party Advisory] https://bugzilla.redhat.com/show_bug.cgi?id=681575

[Mailing List, Patch, Third Party Advisory] https://lkml.org/lkml/2011/2/5/220

Scores

EPSS 0.0020

EPSS Percentile 42.4%

Details

CWE

CWE-400

Status published

Products (1)

linux/linux_kernel < 2.6.38

Published Apr 04, 2011

Tracked Since Feb 18, 2026