PT-2002-2684 · Linux · Linux Kernel

Published: 2002-12-31 · Updated: 2008-09-05 · CVE-2002-1963

CVSS v2.0: 2.1 (Low)

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Linux kernel versions 2.4.1 through 2.4.19

Description

The issue allows local users to cause a denial of service, specifically resource exhaustion, by opening a certain number of setuid binaries. This occurs because the Linux kernel sets a limit of 10 files for root's NR_RESERVED_FILES, which can be exhausted by opening 10 setuid binaries.

Recommendations

For Linux kernel versions 2.4.1 through 2.4.19, consider restricting access to setuid binaries to minimize the risk of exploitation. As a temporary workaround, limit the number of setuid binaries that can be opened by a local user to prevent resource exhaustion.

Related identifiers

CVE-2002-1963

Affected products

Linux Kernel