Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux
kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to
cause a denial of service (infinite loop) via a timer with a large expiry
value, which causes the timer to always be expired.
Johannes Bauer discovered that the 64bit kernel did not correctly handle
hrtimer updates. A local attacker could request a large expiration
value and cause the system to hang, leading to a denial of service.
kees> fixed upstream in two ways (see patch list)
Updated: 2016-01-26 17:30:09 UTC (commit 10507)