Vigil@nce - Linux kernel: denial of service via Pipes
March 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can create numerous pipes and fill them, in order
to force the Linux kernel to consume too many memory resources.
– Impacted products: Fedora, Linux.
– Severity: 1/4.
– Creation date: 02/03/2016.
DESCRIPTION OF THE VULNERABILITY
An application can use a pipe, in order to transmit data to
another application.
To forbid denials of service, the number of pipes of a user is
limited. However, there is no limit on the data size which can be
stored in each pipe.
A local attacker can therefore create numerous pipes and fill
them, in order to force the Linux kernel to consume too many
memory resources.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-Pipes-19065