Vigil@nce: Linux kernel, denial of service via connector
February 2010 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
A local attacker can force the connector driver to use all system memory, which halts the system.
Severity: 1/4
Consequences: denial of service of computer
Provenance: user shell
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 03/02/2010
IMPACTED PRODUCTS
Linux kernel
DESCRIPTION OF THE VULNERABILITY
Sockets of the NETLINK family are used to exchange messages between user space and the kernel.
The connector driver is based on the NETLINK_CONNECTOR family and implements a queue and a notification system.
However, a local attacker can send several NETLINK_CONNECTOR messages in order to progressively consume all kernel memory.
A local attacker can thus generate a denial of service.
CHARACTERISTICS
Identifiers: BID-38058, CVE-2010-0410, VIGILANCE-VUL-9405










