lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 Apr 2018 06:46:58 +0200 From: Mike Galbraith <efault@....de> To: Ferry Toth <ftoth@...fort.nl> Cc: lkml <linux-kernel@...r.kernel.org> Subject: Re: DOS by unprivileged user On Thu, 2018-04-19 at 21:13 +0200, Ferry Toth wrote: > It appears any ordinary user can easily create a DOS on linux. > > One sure way to reproduce this is to open gitk on the linux kernel repo > (SIC) on a machine with 8GB RAM 16 GB swap on a HDD with btrfs and quad core > + hyperthreading. But I will be easy enough to get the same effect with more > RAM, other fs etc. > > In this case gitk allocates more and more memory (until my system freezes > 6.5GB of 7.5GB avaiable), the system starts swapping or writing to tmp files > (can't investigate as there is no time until it freezes) and the io wait > goes to 100% on all cores. At this point it is impossible to login from > remote and local keyboard and mouse are frozen. Hard reset is the only way > out at this point. datapoint: my i4790/ext4 box running master.yesterday booted mem=8G became highly unpleasant to use, but I retained control, and the all cores going to 100% thing did not happen at any time. I didn't try constraining on the gitk user, just turned it loose a few times to see if it managed to render box effectively dead. It failed to kill my box, but (expectedly) did make it suck rocks. -Mike
Powered by blists - more mailing lists