Vulnerabilities > CVE-2006-7051 - Denial-Of-Service vulnerability in kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x allows local users to cause a denial of service (memory consumption) and possibly bypass memory limits or cause other processes to be killed by creating a large number of posix timers, which are allocated in kernel memory but are not treated as part of the process' memory.
Vulnerable Configurations
Exploit-Db
description | Linux Kernel 2.6.x sys_timer_create() Local Denial of Service Exploit. CVE-2006-7051. Dos exploit for linux platform |
file | exploits/linux/dos/1657.asm |
id | EDB-ID:1657 |
last seen | 2016-01-31 |
modified | 2006-04-09 |
platform | linux |
port | |
published | 2006-04-09 |
reporter | fingerout |
source | https://www.exploit-db.com/download/1657/ |
title | Linux Kernel 2.6.x - sys_timer_create Local Denial of Service Exploit |
type | dos |
Statements
contributor | Mark J Cox |
lastmodified | 2007-03-14 |
organization | Red Hat |
statement | This issue can only be exploited if pending signals (ulimit -i) is set to "unlimited". In case of Red Hat Enterprise Linux version 2.1, 3 and 4 this is not the case and therefore they are not vulnerable to this issue. |