A flaw in the inotify subsystem can allow a local attacker to create a denial of service (DOS) situation in which the memory use of watches on existing watchpoints were not accounted for correctly.
In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). Finally, this will cause a denial of service.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1694759]
kernel-5.0.6-100.fc28, kernel-headers-5.0.6-100.fc28, kernel-tools-5.0.6-100.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report.
kernel-5.0.6-200.fc29, kernel-headers-5.0.6-200.fc29, kernel-tools-5.0.6-200.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.