Kernel memory leak in the CUSE driver using stress-ng was found. It is possible for privileged attacker to cause a local DoS via memory exhaustion by repeatedly opening /dev/cuse for reading. Upstream patch: https://git.kernel.org/linus/2c5816b4beccc8ba709144539f6fdd764f8fa49c References: https://bugzilla.novell.com/show_bug.cgi?id=969356 http://seclists.org/oss-sec/2016/q1/495
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1314332]
Statement: This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and MRG-2 as the code with the flaw is not present in the products listed.