Linux Kernel Local MEMLOCK RLIMIT Bypass Denial Of Service Vulnerability

The 'linux-2.4.21-mlock.patch' for the Linux kernel contains a security vulnerability. Reports indicate that the 'rlimit' restrictions do not correctly account for IPC (Inter-process Communications) functionality; this may result in unprivileged users having the right to 'mlock' memory.

A local attacker may exploit this issue to deny service for legitimate users.


 

Privacy Statement
Copyright 2010, SecurityFocus