Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 22 Jun 2011 15:23:15 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: Vasiliy Kulikov <segoon@...nwall.com>
Subject: Re: CVE request: kernel: taskstats local DoS

On 06/22/2011 03:17 PM, Vasiliy Kulikov wrote:
> "Currently a single process may register exit handlers unlimited times.
> It may lead to a bloated listeners chain and very slow process terminations.
> E.g. after 10KK sent TASKSTATS_CMD_ATTR_REGISTER_CPUMASKs ~300 Mb of
> kernel memory is stolen for the handlers chain and "time id" shows 2-7
> seconds instead of normal 0.003.  It makes it possible to exhaust all
> kernel memory and to eat much of CPU time by triggerring numerous exits
> on a single CPU.
> 
> The patch limits the number of times a single process may register
> itself on a single CPU to one."
> 
> It makes it possible for unprivileged user eat kernel memory and CPU
> without triggering OOM killer.
> 
> Was introduced in f9fd8914c1acca0d98b69d831b128d5b52f03c51.
> 
> http://lists.openwall.net/linux-kernel/2011/06/16/605

Please use CVE-2011-2484.

Thanks, Eugene

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ