The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of lsof

vulnerability CVE-2006-1862

Linux kernel: denial of service via lsof

Synthesis of the vulnerability

A local attacker can stop system by calling lsof.
Impacted products: Linux, lsof, RHEL.
Severity: 1/4.
Consequences: denial of service on server.
Provenance: user shell.
Creation date: 30/05/2006.
Identifiers: 189031, 189260, CVE-2006-1862, RHSA-2006:049, RHSA-2006:0493-01, VIGILANCE-VUL-5880.

Description of the vulnerability

The lsof command obtains information about resources in use.

However, due a virtual memory management error, an attacker can call lsof several thousand times to stop kernel.

This vulnerability therefore permits a local attacker to conduct a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about lsof: