Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: iDefense Security Advisory 12.22.05: Linux Kernel Socket Buffer Memory Exhaustion DoS Vulnerability
From: Paul Starzetz <paul () starzetz de>
Date: Wed, 11 Jan 2006 16:13:51 +0100

labs-no-reply () idefense com wrote:


The vulnerability specifically exists due to a lack of resource checking
during the buffering of data for transfer over a pair of sockets. An
attacker can create a situation that, depending on the amount of
available system resources, can cause the kernel to panic due to memory
resource exhaustion. The attack is conducted by opening up a number of

This is and has been ever known stuff in Linux :-]
The problem is even worse, since you can use AF_UNIX sockets to "hide" other filled sockets from the file-table descriptor limit (via send_msg).

please check

http://ko.librie.org/bigrip4.c

running it as unprivileged user will kill most of the processes (even those of root) on vulnerable machines.

regards

Paul Starzetz



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • Re: iDefense Security Advisory 12.22.05: Linux Kernel Socket Buffer Memory Exhaustion DoS Vulnerability Paul Starzetz (Jan 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault