Vulnerabilities > CVE-2006-7051 - Unspecified vulnerability in Linux Kernel
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN linux
exploit available
Summary
The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x allows local users to cause a denial of service (memory consumption) and possibly bypass memory limits or cause other processes to be killed by creating a large number of posix timers, which are allocated in kernel memory but are not treated as part of the process' memory.
Vulnerable Configurations
Exploit-Db
| description | Linux Kernel 2.6.x sys_timer_create() Local Denial of Service Exploit. CVE-2006-7051. Dos exploit for linux platform |
| file | exploits/linux/dos/1657.asm |
| id | EDB-ID:1657 |
| last seen | 2016-01-31 |
| modified | 2006-04-09 |
| platform | linux |
| port | |
| published | 2006-04-09 |
| reporter | fingerout |
| source | https://www.exploit-db.com/download/1657/ |
| title | Linux Kernel 2.6.x - sys_timer_create Local Denial of Service Exploit |
| type | dos |
Statements
| contributor | Mark J Cox |
| lastmodified | 2007-03-14 |
| organization | Red Hat |
| statement | This issue can only be exploited if pending signals (ulimit -i) is set to "unlimited". In case of Red Hat Enterprise Linux version 2.1, 3 and 4 this is not the case and therefore they are not vulnerable to this issue. |
References
- http://securityreason.com/securityalert/2287
- http://www.securityfocus.com/archive/1/430278/30/5790/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25712
- https://www.exploit-db.com/exploits/1657
- http://securityreason.com/securityalert/2287
- https://www.exploit-db.com/exploits/1657
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25712
- http://www.securityfocus.com/archive/1/430278/30/5790/threaded