Linux kernel sys_timer_create() denial of service

linux-systimercreate-dos (25712) The risk level is classified as MediumMedium Risk

Description:

Linux kernel is vulnerable to a denial of service, caused by a vulnerability in the sys_timer_create() function in posix-timers.c. A local attacker could exploit this vulnerability to consume memory resources and cause various system processes to crash.


Consequences:

Denial of Service

Remedy:

No remedy available as of September 1, 2014.

References:

  • BugTraq Mailing List, Tue Apr 04 2006 - 18:24:40 CDT: Linux Kernel Local DoS vulnerability.
  • CVE-2006-7051: The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x allows local users to cause a denial of service (memory consumption) and possibly bypass memory limits or cause other processes to be killed by creating a large number of posix timers, which are allocated in kernel memory but are not treated as part of the process' memory.
  • OSVDB ID: 40963: Linux Kernel linux/kernel/posix-timers.c sys_timer_create() Function Memory Consumption DoS

Platforms Affected:

  • Linux Kernel 2.6.18.10
  • Linux Kernel 2.6.18.11
  • Linux Kernel 2.6.18.12
  • Linux Kernel 2.6.18.13
  • Linux Kernel 2.6.18.14
  • Linux Kernel 2.6.18.15
  • Linux Kernel 2.6.18.16
  • Linux Kernel 2.6.18.17
  • Linux Kernel 2.6.18.18
  • Linux Kernel 2.6.18.19
  • Linux Kernel 2.6.18.20
  • Linux Kernel 2.6.18.21
  • Linux Kernel 2.6.18.22
  • Linux Kernel 2.6.18.23
  • Linux Kernel 2.6.18.24
  • Linux Kernel 2.6.18.25
  • Linux Kernel 2.6.18.26
  • Linux Kernel 2.6.18.27
  • Linux Kernel 2.6.18.28
  • Linux Kernel 2.6.18.29
  • Linux Kernel 2.6.18.30
  • Linux Kernel 2.6.18.31
  • Linux Kernel 2.6.18.32
  • Linux Kernel 2.6.18.33
  • Linux Kernel 2.6.18.34
  • Linux Kernel 2.6.18.35
  • Linux Kernel 2.6.18.36
  • Linux Kernel 2.6.18.37
  • Linux Kernel 2.6.18.38
  • Linux Kernel 2.6.18.39
  • Linux Kernel 2.6.18.40
  • Linux Kernel 2.6.18.41
  • Linux Kernel 2.6.18.42
  • Linux Kernel 2.6.18.43
  • Linux Kernel 2.6.18.44
  • Linux Kernel 2.6.18.45
  • Linux Kernel 2.6.18.46
  • Linux Kernel 2.6.18.47
  • Linux Kernel 2.6.18.48
  • Linux Kernel 2.6.18.49
  • Linux Kernel 2.6.18.50
  • Linux Kernel 2.6.18.51
  • Linux Kernel 2.6.18.52
  • Linux Kernel 2.6.18.53
  • Linux Kernel 2.6.18.9
  • Linux Kernel 2.6.19 rc4
  • Linux Kernel 2.6.19 rc3
  • Linux Kernel 2.6.19 rc2
  • Linux Kernel 2.6.19 rc1
  • Linux Kernel 2.6.19.0
  • Linux Kernel 2.6.19.1
  • Linux Kernel 2.6.19.2
  • Linux Kernel 2.6.19.3
  • Linux Kernel 2.6.19.4
  • Linux Kernel 2.6.20 rc2
  • Linux Linux Kernel 2.6.18 rc2
  • Linux Linux Kernel 2.6.18 rc3
  • Linux Linux Kernel 2.6.18
  • Linux Linux Kernel 2.6.18 rc6
  • Linux Linux Kernel 2.6.18 rc1
  • Linux Linux Kernel 2.6.18 rc7
  • Linux Linux Kernel 2.6.18 rc5
  • Linux Linux Kernel 2.6.18 rc4
  • Linux Linux Kernel 2.6.18.1
  • Linux Linux Kernel 2.6.18.2
  • Linux Linux Kernel 2.6.18.3
  • Linux Linux Kernel 2.6.18.4
  • Linux Linux Kernel 2.6.18.5
  • Linux Linux Kernel 2.6.18.6
  • Linux Linux Kernel 2.6.18.7
  • Linux Linux Kernel 2.6.18.8
  • Linux Linux Kernel 2.6.20
  • Linux Linux Kernel 2.6.20.1

Reported:

Apr 04, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page