On 25.02.2012 07:32, Doug Henderson wrote:
On Feb 24, 2012, at 4:39 PM, Timo Sirainen wrote:
On 25.2.2012, at 0.49, Doug Henderson wrote:
[8irgehuq] CVE-2011-1083: Algorithmic denial of service in epoll.
After ksplice automatically installed the above patch on our mail servers, most/all IMAP/POP3 connections began experiencing time-outs trying to connect, or extreme timeouts in the auth procedure.
I'd guess this patch is already in new Linux kernel versions, so other people should have seen any problems caused by it?
Actually, it was only released a couple of days ago (2/21) by redhat for EL 5.8 see: https://rhn.redhat.com/errata/RHSA-2012-0150.html
"A flaw was found in the way the Linux kernel's Event Poll (epoll) subsystem handled large, nested epoll structures. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2011-1083, Moderate)"
Our automated patching (ksplice) installed it at around 10am PST today.
Other distributions may vary.
Try it without ksplice. (yum update and reboot)
Which kernel is running exactly?
Best regards,
Morten