PT-2006-4603 · Linux+1 · Linux Kernel+1
Marcel Holtmann
+1
·
Published
2006-10-05
·
Updated
2023-02-13
·
CVE-2006-3741
CVSS v2.0
4.9
Medium
| Vector | AV:L/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions 2.4.x through 2.6.17
Description
The issue is related to the perfmonctl system call in the Linux kernel, which does not properly track the reference count for file descriptors when running on Itanium systems. This allows local users to cause a denial of service by consuming file descriptors.
Recommendations
For Linux kernel versions 2.4.x through 2.6.17, consider upgrading to a version 2.6.18 or later to resolve the issue. As a temporary workaround, restrict access to the sys perfmonctl system call to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux Kernel
Red Hat