CVE-2011-2484
Advisory lineage Upstream: 0 Downstream: 6
Modified
Published: 24 Jun 2011, 20:00
Last modified: 06 Aug 2024, 23:00
Vulnerability Summary
- Overall Risk (default): low, 20/100
- CVSS Score: 4.9 MEDIUM, v2.0 (nvd)
- EPSS Score: 0.06% LOW
- KEV: Not listed
- Ransomware: No reports
- Public exploits: None found
- Dark Web: Not detected
Timeline
- 24 Jun 2011, 20:00: Published (vulnerability first disclosed)
- 06 Aug 2024, 23:00: Last Modified (vulnerability information updated)
Description
The add_del_listener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted application.
CVSS Metrics
- v2.0•MEDIUM•Score: 4.9•AV:L/AC:L/Au:N/C:N/I:N/A:C
EPSS Trends
Current EPSS score: 0.06%• Percentile: 20%
Techniques & Countermeasures
- CWE-399•Resource Management Errors
Weaknesses in this category are related to improper management of system resources.
Affected Systems
- linux•linux_kernel
≤ 2.6.39.1
References (6)
- http://www.securityfocus.com/bid/48383
- http://openwall.com/lists/oss-security/2011/06/22/2
- https://bugzilla.redhat.com/show_bug.cgi?id=715436
- http://lists.openwall.net/linux-kernel/2011/06/16/605
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68150
- http://openwall.com/lists/oss-security/2011/06/22/1