oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: kernel: unix socket local dos

From: Thomas Biege <thomas () suse de>
Date: Fri, 26 Nov 2010 16:00:35 +0100

JFYI, additional comments

http://lkml.org/lkml/2010/11/25/8



Am Mittwoch, 24. November 2010, 04:03:27 schrieb Eugene Teo:

Reported by Vegard Nossum: "I found this program lying around on my
laptop. It kills my box (2.6.35) instantly by consuming a lot of memory
(allocated by the kernel, so the process doesn't get killed by the OOM
killer). As far as I can tell, the memory isn't being freed when the
program exits either. Maybe it will eventually get cleaned up the UNIX
socket garbage collector thing, but in that case it doesn't get called
quickly enough to save my machine at least."

Reproducer: http://lkml.org/lkml/2010/11/23/395
Partial fix: http://lkml.org/lkml/2010/11/23/450
Reference: https://bugzilla.redhat.com/show_bug.cgi?id=656756

Thanks, Eugene



-- 
 Thomas Biege <thomas () suse de>, SUSE LINUX, Security Support & Auditing
 SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
Previous By Date Next
Previous By Thread Next

Current thread: