lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 1 Sep 2007 18:39:44 +0100
From:	Athanasius <link@...gy.org>
To:	Patrick McHardy <kaber@...sh.net>,
	linux-kernel <linux-kernel@...r.kernel.org>
Cc:	Andrew Morton <akpm@...ux-foundation.org>, netdev@...r.kernel.org,
	bugme-daemon@...zilla.kernel.org
Subject: Re: [Bugme-new] [Bug 8961] New: BUG triggered by oidentd in netlink code

On Sat, Sep 01, 2007 at 06:38:23PM +0200, Patrick McHardy wrote:
> Athanasius wrote:
> >  I'll compile up a new kernel, likely 2.6.22.6, plus this patch, and
> >reboot to it tonight.  I still don't know *exactly* how to trigger the
> >bug on demand though, it's not reocurred since I posted the bug report
> >(but had happened about a week before as well).
> 
> Thanks. I'm not sure either, it would require two concurrent requests
> to be processed, but AFAICS oidentd only uses a single netlink socket.
> Perhaps multiple running instances or something else using the inet_diag
> interface?
> 
> You might be able to trigger it without this patch by running
> "while true; do ss -tn; done" while doing ident queries, but
> just running the while loop a couple of times in parallel
> doesn't seem to trigger it here.

  I went for setting up a dummy listener in inetd, using tcpd, and
setting hosts.allow to specify myuser@ip.  Then a few while loops
spamming it with connections using nc.

  Anyway, on the old kernel that managed to trigger the BUG twice in
about 30 minutes.  I'm now on 2.6.22.6 plus your patch and coming up on
an hour (55+ mins) of the same and no sign of the BUG.

  So that looks like fixed to me.  I'll weigh in again if the daily
logcheck throws up another.

-Ath
-- 
- Athanasius = Athanasius(at)miggy.org / http://www.miggy.org/
                  Finger athan(at)fysh.org for PGP key
	   "And it's me who is my enemy. Me who beats me up.
Me who makes the monsters. Me who strips my confidence." Paula Cole - ME

Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ