The memory resource controller (aka memcg) in the Linux kernel allows local users to cause a denial of service (deadlock) by spawning new processes within a memory-constrained cgroup.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2015-0864.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2015-2152.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2015-2411.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2016-0068.html | Third Party Advisory |
http://www.securityfocus.com/bid/74293 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=1198109 | Issue Tracking Third Party Advisory |
Configurations
History
13 Feb 2023, 00:44
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | The memory resource controller (aka memcg) in the Linux kernel allows local users to cause a denial of service (deadlock) by spawning new processes within a memory-constrained cgroup. |
02 Feb 2023, 20:19
Type | Values Removed | Values Added |
---|---|---|
Summary | It was found that the Linux kernel memory resource controller's (memcg) handling of OOM (out of memory) conditions could lead to deadlocks. An attacker able to continuously spawn new processes within a single memory-constrained cgroup during an OOM event could use this flaw to lock up the system. | |
References |
|
|
CPE | cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:* |
Information
Published : 2018-02-09 22:29
Updated : 2023-12-10 12:30
NVD link : CVE-2014-8171
Mitre link : CVE-2014-8171
CVE.ORG link : CVE-2014-8171
JSON object : View
Products Affected
linux
- linux_kernel
redhat
- enterprise_linux
- enterprise_mrg
CWE
CWE-399
Resource Management Errors