oss-sec mailing list archives
Re: CVE request: kernel: taskstats local DoS
From: Vasiliy Kulikov <segoon () openwall com>
Date: Thu, 30 Jun 2011 14:18:16 +0400
On Wed, Jun 22, 2011 at 15:23 +0800, Eugene Teo wrote:
On 06/22/2011 03:17 PM, Vasiliy Kulikov wrote:"Currently a single process may register exit handlers unlimited times. It may lead to a bloated listeners chain and very slow process terminations. E.g. after 10KK sent TASKSTATS_CMD_ATTR_REGISTER_CPUMASKs ~300 Mb of kernel memory is stolen for the handlers chain and "time id" shows 2-7 seconds instead of normal 0.003. It makes it possible to exhaust all kernel memory and to eat much of CPU time by triggerring numerous exits on a single CPU. The patch limits the number of times a single process may register itself on a single CPU to one." It makes it possible for unprivileged user eat kernel memory and CPU without triggering OOM killer. Was introduced in f9fd8914c1acca0d98b69d831b128d5b52f03c51. http://lists.openwall.net/linux-kernel/2011/06/16/605Please use CVE-2011-2484.
The fix: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=26c4caea9d697043cc5a458b96411b86d7f6babd Thanks, -- Vasiliy Kulikov http://www.openwall.com - bringing security into open computing environments
Current thread:
- CVE request: kernel: taskstats local DoS Vasiliy Kulikov (Jun 22)
- Re: CVE request: kernel: taskstats local DoS Eugene Teo (Jun 22)
- Re: CVE request: kernel: taskstats local DoS Vasiliy Kulikov (Jun 30)
- Re: CVE request: kernel: taskstats local DoS Eugene Teo (Jun 22)