Vigil@nce: Linux kernel, denial of service of qdisc_run
December 2008 by Vigil@nce
SYNTHESIS
A local attacker can generate a high network load in order to lock
the system in __qdisc_run().
Gravity: 1/4
Consequences: data flow
Provenance: user account
Means of attack: 1 attack
Ability of attacker: technician (2/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 23/12/2008
IMPACTED PRODUCTS
– Linux kernel
DESCRIPTION
The __qdisc_run() function of net/sched/sch_generic.c schedules
the output of packets.
When a user sends a lot of packets, the kernel never leaves this
function. Other system operations are therefore always postponed.
A local attacker can thus generate a high network load in order to
lock the system in __qdisc_run().
CHARACTERISTICS
Identifiers: 477744, BID-32985, VIGILANCE-VUL-8353