Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: iDefense Security Advisory 12.22.05: Linux Kernel Socket Buffer Memory Exhaustion DoS Vulnerability

From: Paul Starzetz <paul () starzetz de>
Date: Wed, 11 Jan 2006 16:13:51 +0100
labs-no-reply () idefense com wrote:



The vulnerability specifically exists due to a lack of resource checking
during the buffering of data for transfer over a pair of sockets. An
attacker can create a situation that, depending on the amount of
available system resources, can cause the kernel to panic due to memory
resource exhaustion. The attack is conducted by opening up a number of


This is and has been ever known stuff in Linux :-]
The problem is even worse, since you can use AF_UNIX sockets to "hide" other filled sockets from the file-table descriptor limit (via send_msg). 

please check

http://ko.librie.org/bigrip4.c
running it as unprivileged user will kill most of the processes (even those of root) on vulnerable machines. 

regards

Paul Starzetz



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: