Overview
The Red Hat Enterprise Linux 3 SMP Kernel may allow an authenticated attacker to cause a denial-of-service condition with specially crafted IPC shared-memory functions.
Description
Inter-Process Communication (IPC) shared-memory is a method of passing data between programs used by the Red Hat Enterprise Linux 3 SMP Kernel. The shmat() function is used to attach shared memory segments to data segments of calling processes and the shmctl() function can be used to remove the shared memory segment. When these functions are run simultaneously, controls set by shmat() that limit access to areas of IPC shared-memory may not be properly removed before the shared-memory is removed by shmctl(). This could cause a deadlock condition where shmat() is left waiting indefinitely to remove shared-memory access controls. |
Impact
An authenticated local attacker may be able to cause the system to freeze due to a deadlock condition, resulting in a denial of service. |
Solution
Upgrade or apply a patch Patches have been released to address this issue. Refer to Red Hat Security Advisory RHSA-2006:0710. Users who compile the kernel from source are encouraged to update to the most recent version. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
This issue was reported in Red Hat Security Advisory RHSA-2006:0710-01.
This document was written by Chris Taschner.
Other Information
| CVE IDs: | CVE-2006-4342 |
| Severity Metric: | 0.03 |
| Date Public: | 2006-10-19 |
| Date First Published: | 2006-11-06 |
| Date Last Updated: | 2006-11-16 16:30 UTC |
| Document Revision: | 14 |