Re: NetBSD 1.4.1 local DoS

[nike () NIKE SOFTJOYS RU (Nikolay N. Igotti)]

>   This does not `freeze' the system per se.  What it does is tie up all
>   the network resources, and make it impossible to any network I/O (even
>   through Un*x-domain sockets).
>
>   Linux is not generally vulnerable to the exploit as posted, because it
>   seems to only accept 64512 bytes from the write(2)s, and limit the
>   file descriptor table to 256 entries (at least by default), thus
>   making the program chew up less memory.  However, a trivial variant
>   (attached below) causes memory exhaustion on the Linux system I
>   tested.  Interestingly, this did not cause the Linux system to crash,
>   but it does cause a bunch of processes to be killed -- gpm, klogd,

 I've posted message titled "linux memory DOS" about 5 days ago to linux-kernel list.
This situation is reproducible even without any IO/fork operations, only with memory
operations. There are some suggested patches, at least to fix memory problem.
Look linux-kernel mailing list archive for more info.

>   update, crond, and finally the test program itself.  So there is still
>   a denial of service, especially if the program is modified to
>   continually fork as well (also attached below, although it could be
>   done a bit better).