Bugtraq mailing list archives
Re: Local Denial-of-Service attack against Linux
From: sullivan () SIKUREZZA ORG (Gigi Sullivan)
Date: Mon, 27 Mar 2000 09:04:39 +0200
Aiee:) Hello!
This amusing little program will hang Linux 2.2.12 (default Red Hat 6.1), 2.2.14 (latest stable kernel) and 2.3.99-pre2 (latest development kernel) on my 6x86 scratch machine and our various Pentium development machines. Note that this does not require any special privileges. The send system call immediately puts the kernel in a loop spewing kmalloc: Size (131076) too large forever (or until you hit the reset button).
[snip] I here enclose a very easy little kernel patch that should fix this problem. This is a temporary fix, tho. I'm not sure this is the right way to do it and probably this could break some actual behaviour (see the comments). I apologize; Still learning kernel internals. bye bye -- gg sullivan P.S. Advices, correction, bug fixes :) are really wellcome. -- Lorenzo Cavallaro `Gigi Sullivan' <sullivan () sikurezza org> Until I loved, life had no beauty; I did not know I lived until I had loved. (Theodor Korner) <HR NOSHADE> <UL> <LI>text/plain attachment: dos_patch_ </UL>
Current thread:
- Napster, Inc. response to Colten Edwards, (continued)
- Napster, Inc. response to Colten Edwards Elias Levy (Mar 30)
- Cobalt apache configuration exposes .htaccess Paul Schreiber (Mar 30)
- Re: Napster, Inc. response to Colten Edwards Danny Crawford (Mar 30)
- Re: Napster, Inc. response to Colten Edwards Dylan Griffiths (Mar 30)
- Alert: MS Index Server (CISADV000330) Cerberus Security Team (Mar 30)
- Webstar 4.0 Buffer overflow vulnerability Ilhom Djalilov (Mar 31)
- Microsoft Security Bulletin (MS00-006) Microsoft Product Security (Mar 31)
- [ Cobalt ] Security Advisory -- 03.31.2000 Jeff Lovell (Mar 31)
- SalesLogix Eviewer Web App Bug: URL request crashes eviewer web application Todd Beebe (Mar 31)
- Windmail allow web user get any file Frankie Zie (Mar 25)
- Re: Local Denial-of-Service attack against Linux Gigi Sullivan (Mar 26)
- Re: Local Denial-of-Service attack against Linux Gigi Sullivan (Mar 31)
- Re: gpm-root Alessandro Rubini (Mar 23)