lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <43C520AF.7090101@starzetz.de>
Date: Wed Jan 11 15:48:07 2006
From: paul at starzetz.de (Paul Starzetz)
Subject: Re: iDefense Security Advisory 12.22.05: Linux
 Kernel Socket Buffer Memory Exhaustion DoS Vulnerability

labs-no-reply@...fense.com wrote:

>
> The vulnerability specifically exists due to a lack of resource checking
> during the buffering of data for transfer over a pair of sockets. An
> attacker can create a situation that, depending on the amount of
> available system resources, can cause the kernel to panic due to memory
> resource exhaustion. The attack is conducted by opening up a number of

This is and has been ever known stuff in Linux :-]
The problem is even worse, since you can use AF_UNIX sockets to "hide" 
other filled sockets from the file-table descriptor limit (via send_msg).

please check

http://ko.librie.org/bigrip4.c

running it as unprivileged user will kill most of the processes (even 
those of root) on vulnerable machines.

regards

Paul Starzetz

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ