Vigil@nce: Linux kernel, denial of service via automount
February 2010 by Vigil@nce
A local attacker can use automount, in order to generate a denial
of service.
– Severity: 1/4
– Consequences: denial of service of service
– Provenance: user shell
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 24/02/2010
IMPACTED PRODUCTS
– Linux kernel
DESCRIPTION OF THE VULNERABILITY
The automatic file system mounting (automount) uses:
– symbolic links (NFS), or
– AutoFS
When symbolic links are used, directory links are not followed
with LOOKUP_FOLLOW. This error leads to a denial of service.
Technical details are unknown.
CHARACTERISTICS
– Identifiers: VIGILANCE-VUL-9471
– Url: http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-automount-9471