Bugtraq mailing list archives

Re: local users can panic linux kernel (was: SuSE syslogd advisory)

From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Sat, 20 Nov 1999 01:42:53 +0000

Taking a guess, I would say that the panic is caused by instability of
the linux select() implementation, and could therefore be abused in other
programs that manage an unlimited amount of connections using the select
syscall.


its an old bug in 2.0 kernels with garbage collection on Unix domain sockets
if you bumped the number up above the default. I believe 2.2 (certainly
all modern 2.2) and 2.3 should be immune to this.

Alan

Current thread:

Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7), (continued)
- - Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Daniel Jacobowitz (Nov 16)
  - Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Jochen Bauer (Nov 16)
    - Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Nick Craig-Wood (Nov 18)
    - ProFTPd - mod_sqlpw.c Todd C. Campbell (Nov 19)
    - Pandora v4 Beta 2 Software Simple Nomad (Nov 19)
  - Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability Ussr Labs (Nov 16)
    - Re: Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability Seth R Arnold (Nov 17)
    - Re: Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability Marc (Nov 17)
    - SuSE Security Announcement - syslogd (a1) Thomas Biege (Nov 18)
    - local users can panic linux kernel (was: SuSE syslogd advisory) Mixter (Nov 18)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Alan Cox (Nov 19)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Savochkin Andrey Vladimirovich (Nov 20)
    - ANN: Bruce v1.0 Early Access 1 - Available for downloa Alec Muffett (Nov 22)
    - Re: local users can panic linux kernel (was: SuSE syslogd Alan Cox (Nov 22)
    - Re: local users can panic linux kernel (was: SuSE syslogd Savochkin Andrey Vladimirovich (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogd Darren Reed (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogd Savochkin Andrey Vladimirovich (Nov 24)
    - Remote DoS Attack in WorldClient Server v2.0.0.0 Vulnerability Ussr Labs (Nov 24)
    - Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability Ussr Labs (Nov 24)
    - Re: local users can panic linux kernel (was: SuSE syslogd Darren Reed (Nov 24)
    - [w00giving '99 #5 and w00news]: UnixWare 7's su Matt Conover (Nov 25)

(Thread continues...)