Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 113323

Summary: Kernel: Local DoS through exec() POSIX timers (CVE-2005-3271)
Product: Gentoo Security Reporter: Thierry Carrez (RETIRED) <koon>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: minor CC: jaervosz, security-kernel
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Thierry Carrez (RETIRED) gentoo-dev 2005-11-23 02:02:06 UTC 
In Ubuntu's USN-219-1:

A resource leak has been discovered in the handling of POSIX timers in
the exec() function. This could be exploited to a Denial of Service
attack by a group of local users. This vulnerability only affects
Ubuntu 4.10. (CVE-2005-3271)
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-11-25 12:52:38 UTC 
*** Bug 113502 has been marked as a duplicate of this bug. ***
Comment 2 Tim Yamin (RETIRED) gentoo-dev 2005-11-26 09:12:08 UTC 
Non-issue, this affects < 2.6.11 at the very minimum if not older than that
(patch is from 2004).