• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linux Kernel 'hrtimers' Local Denial of Service Vulnerability

The Linux kernel is prone to a local denial-of-service vulnerability because it fails to properly handle certain 'hrtimers' relative timeout values.

Attackers can exploit this issue to trigger kernel crashes, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.

Versions prior to Linux kernel 2.6.23.10 are vulnerable.