| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Jan 2006 16:13:51 +0100 From: Paul Starzetz <paul@...rzetz.de> To: "labs@...fense.com" <labs@...fense.com> Cc: full-disclosure@...ts.grok.org.uk, vulnwatch@...nwatch.org, bugtraq@...urityfocus.com Subject: Re: iDefense Security Advisory 12.22.05: Linux Kernel Socket Buffer Memory Exhaustion DoS Vulnerability labs-no-reply@...fense.com wrote: > > The vulnerability specifically exists due to a lack of resource checking > during the buffering of data for transfer over a pair of sockets. An > attacker can create a situation that, depending on the amount of > available system resources, can cause the kernel to panic due to memory > resource exhaustion. The attack is conducted by opening up a number of This is and has been ever known stuff in Linux :-] The problem is even worse, since you can use AF_UNIX sockets to "hide" other filled sockets from the file-table descriptor limit (via send_msg). please check http://ko.librie.org/bigrip4.c running it as unprivileged user will kill most of the processes (even those of root) on vulnerable machines. regards Paul Starzetz _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists