CVE-2011-1082

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://openwall.com/lists/oss-security/2011/03/02/1", "name": "[oss-security] 20110301 CVE request: kernel: Multiple DoS issues in epoll", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "refsource": "MLIST"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681575", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=681575", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://openwall.com/lists/oss-security/2011/03/02/2", "name": "[oss-security] 20110302 Re: CVE request: kernel: Multiple DoS issues in epoll", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "refsource": "MLIST"}, {"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38", "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38", "tags": ["Broken Link"], "refsource": "CONFIRM"}, {"url": "https://lkml.org/lkml/2011/2/5/220", "name": "[linux-kernel] 20110205 [PATCH] epoll: Prevent deadlock through unsafe ->f_op->poll() calls.", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "refsource": "MLIST"}, {"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=22bacca48a1755f79b7e0f192ddb9fbb7fc6e64e", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=22bacca48a1755f79b7e0f192ddb9fbb7fc6e64e", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-400"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2011-1082", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2011-04-04T12:27Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.6.38"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-02-13T01:18Z"}