Bugtraq mailing list archives

Re: Local Denial-of-Service attack against Linux
From: sullivan () SIKUREZZA ORG (Gigi Sullivan)
Date: Mon, 3 Apr 2000 23:00:24 +0200


Aiee:)

        Hello!


      The issues causing this DoS are apparently more complex than it
may appear, I have followed the discussion in the Linux kernel mailing
list.  There is a patch for the exploit in 2.2.15pre-16 and it is a
noteworthy amount of code.

Jeff

        Well, as I said in my previous post, I did the patch, but I said
        that I'm not sure if my patch is the `right way to do it'.

        However, I downloaded pre-patch-2.2.15pre-16 from
        ftp.kernel.org/pub/linux/kernel/people/alan and this was the patch I found:

        diff -u --new-file --recursive --exclude-from /usr/src/exclude linux.vanilla
/net/unix/af_unix.c linux.15pre16/net/unix/af_unix.c
--- linux.vanilla/net/unix/af_unix.c   Sat Aug 14 02:27:46 1999
+++ linux.15pre16/net/unix/af_unix.c   Tue Mar 28 17:27:52 2000
@@ -969,6 +969,10 @@
         return -ENOTCONN;
   }

+  err = -EMSGSIZE;
+  if (len > sk->sndbuf)
+     goto out;
+
   if (sock->passcred && !sk->protinfo.af_unix.addr)
      unix_autobind(sock);
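
Review bot: the added `if (len > sk->sndbuf)` check carries no comment saying why a message larger than the send buffer is rejected with -EMSGSIZE at this point; a one-line comment above `err = -EMSGSIZE;` would keep the check from being moved or dropped later. The context line just above exits with a direct `return -ENOTCONN;` while the new code leaves through `goto out`, so it is worth confirming that the `out` label only undoes state that already exists this early, before `unix_autobind(sock)` has run. The hunk also does not show the types of `len` and `sk->sndbuf`; if they differ in signedness, the comparison should be checked for negative or very large values.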

        And this isn't so different from mine (except for the fact that I
        check len > sk->sndbuf - 16, thus limiting the sending buffer
        [so in that I was wrong]).

Thx a lot!

bye bye

                                                                -- gg sullivan


--
Lorenzo Cavallaro       `Gigi Sullivan' <sullivan () sikurezza org>

Until I loved, life had no beauty;
I did not know I lived until I had loved. (Theodor Korner)


