Denial of Service Vulnerability in Linux Kernel's Epoll Implementation

Denial of Service Vulnerability in Linux Kernel's Epoll Implementation

CVE-2011-1083 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.