Bugtraq mailing list archives

Re: Local DoS in FreeBSD

From: jeff () CETLINK NET (Jeff Wheat)
Date: Thu, 2 Sep 1999 16:51:33 -0400


On 01-Sep-99 Darren Reed wrote:


This was first posted to the FreeBSD security list on the 9th of August,
subsequently discussed on freebsd-stable and freebsd-hackers... no one
seems to care, even though it is able to lock up 2.2.6, 2.2.8, and 3.2.x
machines consistantly. I have also been told that it affects NetBSD and
OpenBSD, though I haven't confirmed it.

Someone with the know-how care to fix?


Fixing this has been discussed internally, I imagine, by many of the
affected OS's.  The problem is a resource stavation issue - in this
case mbuf's.  Arguably, it shouldn't "lock up", just freeze up anything
that does networking.

I imagine you could lock up more than just the *BSD's with this program.

Darren


In all the tests that I have conducted on my FreeBSD systems, both
intel and alpha based, versions 2.2.2 through 4.0-19990809-CURRENT
result in the machines rebooting after running this DoS. The only
work-around for this is supposedly setting resource limits in the
/etc/login.conf file or to prevent public access to the machines.

Regards,
Jeff

Current thread:

Re: Local DoS in FreeBSD Darren Reed (Aug 31)
- DoS bug in MessageASAP software Forrest Aldrich (Aug 30)
- Re: Local DoS in FreeBSD L. Sassaman (Sep 01)
- Re: Local DoS in FreeBSD Jared Mauch (Sep 02)
- Re: Local DoS in FreeBSD Jeff Wheat (Sep 02)
  - Re: Local DoS in FreeBSD FreeBSD -- The Power to Serve (Sep 07)
- <Possible follow-ups>
- Re: Local DoS in FreeBSD MMS26 (Aug 31)
- Re: Local DoS in FreeBSD Jason Ackley (Aug 31)