Bug 296151 - Easy DoS by setroubleshootd
Summary: Easy DoS by setroubleshootd
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: setroubleshoot
Version: 5.0
Hardware: All
OS: Linux
low
high
Target Milestone: ---
: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-09-19 12:17 UTC by Milan Kerslager
Modified: 2011-05-25 15:01 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-05-25 15:01:38 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Milan Kerslager 2007-09-19 12:17:18 UTC
Setroubleshood eats a lot of memory causing OOM. Attacker is able to perform a
lot of HTTP requests with permission denied messages by SELinux and running
setroubleshootd daemon will eats all available memory (2GB RAM + 4GB in swap in
my case).

Comment 1 John Dennis 2008-01-09 23:50:13 UTC
This problem should be addressed by the new setroubleshoot 2.0 series scheduled
for inclusion in the RHEL 5.2 update.


Note You need to log in before you can comment on or make changes to this bug.