oss-sec mailing list archives
CLONE_NEWUSER local DoS
From: Petr Matousek <pmatouse () redhat com>
Date: Tue, 6 Aug 2013 16:31:48 +0200
Hello, spender reported [1] a local DoS triggerable by unprivileged user when user namespaces are enabled (CONFIG_USER_NS). [1] https://twitter.com/grsecurity/status/364566062336978944 Reproducer: b836010000bb00000010cd80ebf2 is for(;;)unshare(1<<28); Best regards, -- Petr Matousek / Red Hat Security Response Team
Current thread:
- CLONE_NEWUSER local DoS Petr Matousek (Aug 06)
- Re: CLONE_NEWUSER local DoS Kurt Seifried (Aug 06)
- Re: CLONE_NEWUSER local DoS Oleg Nesterov (Aug 06)
- [PATCH 0/1] (Was: CLONE_NEWUSER local DoS) Oleg Nesterov (Aug 06)
- [PATCH 1/1] userns: unshare_userns(&cred) should not populate cred on failure Oleg Nesterov (Aug 06)
- Re: [PATCH 1/1] userns: unshare_userns(&cred) should not populate cred on failure Andy Lutomirski (Aug 06)
- Re: [PATCH 1/1] userns: unshare_userns(&cred) should not populate cred on failure Eric W. Biederman (Aug 06)
- Re: [PATCH 0/1] (Was: CLONE_NEWUSER local DoS) Petr Matousek (Aug 07)
- [PATCH 0/1] (Was: CLONE_NEWUSER local DoS) Oleg Nesterov (Aug 06)
- Re: CLONE_NEWUSER local DoS Andy Lutomirski (Aug 06)
- Re: CLONE_NEWUSER local DoS Oleg Nesterov (Aug 06)